diff options
Diffstat (limited to 'ipmasq/rules/A80pfw.rul')
-rw-r--r-- | ipmasq/rules/A80pfw.rul | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/ipmasq/rules/A80pfw.rul b/ipmasq/rules/A80pfw.rul new file mode 100644 index 0000000..de86102 --- /dev/null +++ b/ipmasq/rules/A80pfw.rul @@ -0,0 +1,41 @@ +# Define masqueraded hosts with an IP address or a range of addresses: +# +# portfw_ip_<hostname>="<ipaddr>[-<ipaddr>]" +# +# <hostname> must be lowercase +# <ipaddr>-ranges works only with iptables/netfilter (2.4.x kernels) +# + +#portfw_ip_foo="10.42.42.1" +#portfw_ip_bar="10.42.42.2" + +# Define pools either forwarding port (ranges) to same port on +# masqueraded host or redirecting a single port to another port: +# +# portfw_pool_<pool>="<protocol>[,<protocol>...] <port>[:<port>][,<port>...]] <hostname>" +# portfw_pool_<pool>="<protocol>[,<protocol>...] <port> <hostname> [<dest port>]" +# +# <pool> can only contain lowercase a-z and underscore (_) +# <protocol> is either tcp or udp (or possibly others) +# <port> can be either numbers or service names +# <port>-ranges is denoted with colon (:) and only works with iptables/netfilter (2.4.x kernels) +# <hostname> must be lowercase. +# + +#portfw_pool_ssh=" tcp ssh foo" +#portfw_pool_dns=" tcp,udp domain foo" +#portfw_pool_mail=" tcp smtp,pop3,imap foo" +#portfw_pool_mailsec=" tcp ssmtp,pop3s,imaps foo" +#portfw_pool_http=" tcp http,https foo" + +#portfw_pool_bar_ssh=" tcp 2222 bar 22" +#portfw_pool_foobar=" tcp 88,8080:8089 bar " + +# Requests from inside to the external IP of a portforwarded host will fail. +# Remap local requests so they look like coming from the firewall itself? +# (This works only eith iptables/netfilter) +# (Alternatively you need a local nameserver setup with the inside address) +# +############ This doesn't work yet... +#PORTFW_REMAP_LOCAL="y" +############ This doesn't work yet... |