On May 15, 2005, at 5:10 PM, Jason Dixon wrote:

On May 15, 2005, at 4:11 PM, GV wrote:

not really. Actually I would like to avoid that. I rather wanted to have one
external IP address and different ports on this address should redirect to
different internal machines!

Ok, let's nip this in the bud once and for all. You just want to use binat and then allow all traffic to that host. Example where $internal_host is the IP address of your internal server, and $external_host is the external IP address you wish to map to the internal server.


internal_host = 10.0.0.2
external_host = 60.10.10.2

binat on $ext_if from $internal_host to any -> $external_host
pass quick on $ext_if from any to $internal_host
pass quick on $int_if from $internal_host to any

FYI, I didn't bother to keep state on those since you don't want to filter anything going to the host. If that changes, you'll want to start tracking state, flags, etc.


--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net



Reply via email to