author | brian <brian@FreeBSD.org> | 1999-05-13 16:58:31 +0000 |
---|---|---|
committer | brian <brian@FreeBSD.org> | 1999-05-13 16:58:31 +0000 |
commit | ff0afb282f95c3ba80d7229c19e108a59c6c3611 (patch) | |
tree | f85806bd647ce7bcc8f424818f6336395b8c04cd /sbin | |
parent | 2f80c9ff3392c6904bba65360c502b6962c18093 (diff) | |
/sbin/natd portrange documentation and bugfix
Submitted by: Ruslan Ermilov <ru@ucb.crimea.ua>
PR: 11690
3.2 candidate ?
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/natd/natd.8 | 22 | ||||
-rw-r--r-- | sbin/natd/natd.c | 6 |
2 files changed, 20 insertions, 8 deletions
diff --git a/sbin/natd/natd.8 b/sbin/natd/natd.8 index 8ed0194..6ae7294 100644 --- a/sbin/natd/natd.8 +++ b/sbin/natd/natd.8 @@ -1,5 +1,5 @@ .\" manual page [] for natd 1.4 -.\" $Id: natd.8,v 1.16 1999/03/07 18:23:55 brian Exp $ +.\" $Id: natd.8,v 1.17 1999/04/08 23:15:31 eivind Exp $ .Dd 15 April 1997 .Os FreeBSD .Dt NATD 8 @@ -114,13 +114,19 @@ Only alter outgoing packets with an unregistered source address. According to rfc 1918, unregistered source addresses are 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16. -.It Fl redirect_port Ar proto targetIP:targetPORT [aliasIP:]aliasPORT [remoteIP[:remotePORT]] -Redirect incoming connections arriving to given port to another host and port. +.It Fl redirect_port Ar proto targetIP:targetPORT[-targetPORT] [aliasIP:]aliasPORT[-aliasPORT] [remoteIP[:remotePORT[-remotePORT]]] +Redirect incoming connections arriving to given port(s) to another host +and port(s). Proto is either tcp or udp, targetIP is the desired target IP -number, targetPORT is the desired target PORT number, aliasPORT -is the requested PORT number and aliasIP is the aliasing address. +number, targetPORT is the desired target PORT number or range, aliasPORT +is the requested PORT number or range, and aliasIP is the aliasing address. RemoteIP and remotePORT can be used to specify the connection more accurately if necessary. +The targetPORT range and aliasPORT range need not be the same numerically, +but must have the same size. +If remotePORT is not specified, it is assumed to be all ports. +If remotePORT is specified, it must match the size of targetPORT, or be 0 +(all ports). For example, the argument .Ar tcp inside1:telnet 6666 
@@ -128,6 +134,12 @@ For example, the argument means that tcp packets destined for port 6666 on this machine will be sent to the telnet port on the inside1 machine. +.Ar tcp inside2:2300-2399 3300-3399 + +will redirect incoming connections on ports 3300-3399 to host +inside2, ports 2300-2399. +The mapping is 1:1 meaning port 3300 maps to 2300, 3301 maps to 2301, etc. + .It Fl redirect_address Ar localIP publicIP Redirect traffic for public IP address to a machine on the local network. This function is known as "static NAT". Normally static NAT diff --git a/sbin/natd/natd.c b/sbin/natd/natd.c index 12452c0..6adb85a 100644 --- a/sbin/natd/natd.c +++ b/sbin/natd/natd.c @@ -9,7 +9,7 @@ * * Ari Suutari <suutari@iki.fi> * - * $Id: natd.c,v 1.14 1999/03/30 10:11:21 brian Exp $ + * $Id: natd.c,v 1.15 1999/04/25 22:33:30 imp Exp $ */ #define SYSLOG_NAMES @@ -1380,7 +1380,7 @@ void SetupPortRedirect (const char* parms) numLocalPorts = GETNUMPORTS(portRange); /* - * Extract public port and optinally address. + * Extract public port and optionally address. */ ptr = strtok (NULL, " \t"); if (!ptr) @@ -1431,7 +1431,7 @@ void SetupPortRedirect (const char* parms) errx (1, "redirect_port: port ranges must be equal in size"); /* Remote port range is allowed to be '0' which means all ports. */ - if (numRemotePorts != numLocalPorts && numRemotePorts != 1 && remotePort != 0) + if (numRemotePorts != numLocalPorts && (numRemotePorts != 1 || remotePort != 0) errx (1, "redirect_port: remote port must be 0 or equal to local port range in size"); for (i = 0 ; i < numPublicPorts ; ++i) { |
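Review bot: The rewritten remote-port check in the last natd.c hunk (SetupPortRedirect, around line 1434) has unbalanced parentheses as displayed: the inner group is closed but the outer `if (` is not, so the line would not compile in this form. The intended condition is presumably `if (numRemotePorts != numLocalPorts && (numRemotePorts != 1 || remotePort != 0))`. That rejects every size mismatch except the single value 0 (all ports), whereas the old `&&` chain also accepted a single non-zero remote port paired with a local range. The comment above it could state the rule exactly, e.g. `/* Remote range must equal the local range in size; a lone 0 means all ports. */`. The function body starts and ends outside the hunk, so how remotePort and numRemotePorts are parsed and range-checked is not visible here.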