1. Source NAT rule:
pass out on [external interface name] from [internal interface name]:network to any nat-to [external interface name]
2. Destination NAT rule:
pass in on [external interface name] proto tcp from [external source ip] to any port 80 rdr-to [internal dst interface]
Also you need to add alias IP at external interface to take care of arp request. The sample config(/etc/hostname.[interface name] for interface is as following
inet [ipaddress] [mask ] [broadcast address]
for alias ip add the following line
inet alias [ipaddress] [mask] [broadcast address]
pass out on [external interface name] from [internal interface name]:network to any nat-to [external interface name]
2. Destination NAT rule:
pass in on [external interface name] proto tcp from [external source ip] to any port 80 rdr-to [internal dst interface]
Also you need to add alias IP at external interface to take care of arp request. The sample config(/etc/hostname.[interface name]
inet [ipaddress] [mask ] [broadcast address]
for alias ip add the following line
inet alias [ipaddress] [mask] [broadcast address]
No comments:
Post a Comment