blob: de86102dc2d8f917d556f2ebca6f68252aa12940 (
plain)
- # Define masqueraded hosts with an IP address or a range of addresses:
- #
- # portfw_ip_<hostname>="<ipaddr>[-<ipaddr>]"
- #
- # <hostname> must be lowercase
- # <ipaddr>-ranges works only with iptables/netfilter (2.4.x kernels)
- #
- #portfw_ip_foo="10.42.42.1"
- #portfw_ip_bar="10.42.42.2"
- # Define pools either forwarding port (ranges) to same port on
- # masqueraded host or redirecting a single port to another port:
- #
- # portfw_pool_<pool>="<protocol>[,<protocol>...] <port>[:<port>][,<port>...]] <hostname>"
- # portfw_pool_<pool>="<protocol>[,<protocol>...] <port> <hostname> [<dest port>]"
- #
- # <pool> can only contain lowercase a-z and underscore (_)
- # <protocol> is either tcp or udp (or possibly others)
- # <port> can be either numbers or service names
- # <port>-ranges is denoted with colon (:) and only works with iptables/netfilter (2.4.x kernels)
- # <hostname> must be lowercase.
- #
- #portfw_pool_ssh=" tcp ssh foo"
- #portfw_pool_dns=" tcp,udp domain foo"
- #portfw_pool_mail=" tcp smtp,pop3,imap foo"
- #portfw_pool_mailsec=" tcp ssmtp,pop3s,imaps foo"
- #portfw_pool_http=" tcp http,https foo"
- #portfw_pool_bar_ssh=" tcp 2222 bar 22"
- #portfw_pool_foobar=" tcp 88,8080:8089 bar "
- # Requests from inside to the external IP of a portforwarded host will fail.
- # Remap local requests so they look like coming from the firewall itself?
- # (This works only eith iptables/netfilter)
- # (Alternatively you need a local nameserver setup with the inside address)
- #
- ############ This doesn't work yet...
- #PORTFW_REMAP_LOCAL="y"
- ############ This doesn't work yet...
|
