diff options
author | guido <guido@FreeBSD.org> | 2000-01-13 18:30:37 +0000 |
---|---|---|
committer | guido <guido@FreeBSD.org> | 2000-01-13 18:30:37 +0000 |
commit | c3aa6ac872203077a6f4cd5b2ff64081364914b9 (patch) | |
tree | cfa01573562836d96f5ea84089201765075aa87c /contrib/ipfilter/rules | |
parent | 0539756f3d2277bd1ecc19afb014c074426e2f35 (diff) | |
download | FreeBSD-src-c3aa6ac872203077a6f4cd5b2ff64081364914b9.zip FreeBSD-src-c3aa6ac872203077a6f4cd5b2ff64081364914b9.tar.gz |
Import of ipfilter 3.3.6 (freebsd relevant part)
Obtained from: ftp://coombs.anu.edu.au/pub/net/firewall/ip-filter/ip_fil3.3.6.tar.gz
Diffstat (limited to 'contrib/ipfilter/rules')
-rw-r--r-- | contrib/ipfilter/rules/ftp-proxy | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/contrib/ipfilter/rules/ftp-proxy b/contrib/ipfilter/rules/ftp-proxy index cafeeb6..ad2f717 100644 --- a/contrib/ipfilter/rules/ftp-proxy +++ b/contrib/ipfilter/rules/ftp-proxy @@ -2,7 +2,9 @@ How to setup FTP proxying using the built in proxy code. ======================================================== NOTE: Currently, the built-in FTP proxy is only available for use with NAT - (i.e. only if you're already using "map" rules with ipnat). + (i.e. only if you're already using "map" rules with ipnat). It does + support null-NAT mappings, that is, using the proxy without changing + the addresses. Lets assume your network diagram looks something like this: @@ -38,3 +40,6 @@ ipaddr-a = 10.1.1.1 int-c = vx0 ipaddr-c-net = 203.45.67.91 +The "map" rule for this proxy should precede any other NAT rules you are +using. + |