1 files changed, 41 insertions, 0 deletions

diff --git a/ipmasq/rules/A80pfw.rul b/ipmasq/rules/A80pfw.rul
new file mode 100644
index 0000000..de86102
--- /dev/null
+++ b/ipmasq/rules/A80pfw.rul
@@ -0,0 +1,41 @@
+# Define masqueraded hosts with an IP address or a range of addresses:
+#
+#   portfw_ip_<hostname>="<ipaddr>[-<ipaddr>]"
+#
+# <hostname> must be lowercase
+# <ipaddr>-ranges works only with iptables/netfilter (2.4.x kernels)
+#
+
+#portfw_ip_foo="10.42.42.1"
+#portfw_ip_bar="10.42.42.2"
+
+# Define pools either forwarding port (ranges) to same port on
+# masqueraded host or redirecting a single port to another port:
+#
+#    portfw_pool_<pool>="<protocol>[,<protocol>...] <port>[:<port>][,<port>...]] <hostname>"
+#    portfw_pool_<pool>="<protocol>[,<protocol>...] <port> <hostname> [<dest port>]"
+#
+# <pool> can only contain lowercase a-z and underscore (_)
+# <protocol> is either tcp or udp (or possibly others)
+# <port> can be either numbers or service names
+# <port>-ranges is denoted with colon (:) and only works with iptables/netfilter (2.4.x kernels)
+# <hostname> must be lowercase.
+#
+
+#portfw_pool_ssh="     tcp      ssh                foo"
+#portfw_pool_dns="     tcp,udp  domain             foo"
+#portfw_pool_mail="    tcp      smtp,pop3,imap     foo"
+#portfw_pool_mailsec=" tcp      ssmtp,pop3s,imaps  foo"
+#portfw_pool_http="    tcp      http,https         foo"
+
+#portfw_pool_bar_ssh=" tcp      2222               bar   22"
+#portfw_pool_foobar="  tcp      88,8080:8089       bar     "
+
+# Requests from inside to the external IP of a portforwarded host will fail.
+# Remap local requests so they look like coming from the firewall itself?
+# (This works only eith iptables/netfilter)
+# (Alternatively you need a local nameserver setup with the inside address)
+#
+############ This doesn't work yet...
+#PORTFW_REMAP_LOCAL="y"
+############ This doesn't work yet...