redirecting a range of ports with packet filter not possible?

redirecting a range of ports with packet filter not possible?

Post by Alex » Sat, 12 Jan 2002 15:12:27



hello!

i want to redirect a range of ports (about 10 consecutive ports) from
my NAT-gateway to a computer within the LAN.
i would like to do this without having 10 rows in nat.conf. is this
possible?i have tried things like port><port, port:port and port-port,
none of which worked.
the manpage mentions nothing, and i found no answers to this question
on the web (or in this ng).

   tia / alex k

 
 
 

redirecting a range of ports with packet filter not possible?

Post by bean » Sat, 12 Jan 2002 16:12:30


Here's what I do with ipf for Age of Empires, perhaps the pf syntax is
similar or the same?

"rdr fxp1 0/0 port 2300-2400 -> 192.168.10.10 port 2300 tcpudp  # AoE2"

You give the range for the first part, then just the starting port for the
second, as you see...

HTH,
Mark


Quote:> hello!

> i want to redirect a range of ports (about 10 consecutive ports) from
> my NAT-gateway to a computer within the LAN.
> i would like to do this without having 10 rows in nat.conf. is this
> possible?i have tried things like port><port, port:port and port-port,
> none of which worked.
> the manpage mentions nothing, and i found no answers to this question
> on the web (or in this ng).

>    tia / alex k


 
 
 

redirecting a range of ports with packet filter not possible?

Post by Daniel Hartmeie » Sat, 12 Jan 2002 19:04:56



Quote:> i want to redirect a range of ports (about 10 consecutive ports) from
> my NAT-gateway to a computer within the LAN.
> i would like to do this without having 10 rows in nat.conf. is this
> possible?i have tried things like port><port, port:port and port-port,
> none of which worked.

The syntax is

  rdr on $if from any to $if port 2000:2010 -> 10.1.2.3 port 2000:*

and the man page has been updated and now documents this.

Daniel

 
 
 

redirecting a range of ports with packet filter not possible?

Post by Alex » Sun, 13 Jan 2002 05:52:46




> > i want to redirect a range of ports (about 10 consecutive ports) from
> > my NAT-gateway to a computer within the LAN.
> > i would like to do this without having 10 rows in nat.conf. is this
> > possible?i have tried things like port><port, port:port and port-port,
> > none of which worked.

> The syntax is

>   rdr on $if from any to $if port 2000:2010 -> 10.1.2.3 port 2000:*

> and the man page has been updated and now documents this.

> Daniel

thanks.
those new pages would be nice to have.
how do i easiest upgrade the manpage(s)?
find and fetch via cvs, and then manually copy them to the manpage dir? :)

  tia / alex k

 
 
 

redirecting a range of ports with packet filter not possible?

Post by Berk S. Daemo » Tue, 15 Jan 2002 15:51:02




> > i want to redirect a range of ports (about 10 consecutive ports) from
> > my NAT-gateway to a computer within the LAN.
> > i would like to do this without having 10 rows in nat.conf. is this
> > possible?i have tried things like port><port, port:port and port-port,
> > none of which worked.

> The syntax is

>   rdr on $if from any to $if port 2000:2010 -> 10.1.2.3 port 2000:*

> and the man page has been updated and now documents this.

> Daniel

Damn, PF is sweeet!