IPfilter

Need to skip an overload...ideas?

To: <ipfilter@coombs.anu.edu.au>
Subject: Need to skip an overload...ideas?
From: Peter Eisch <peter@boku.net>
Date: Wed, 14 Feb 2007 12:22:57 -0600
Delivered-to: sp-com-lists@consult.net
Delivered-to: ipfilter-list@securepoint.com
Sender: owner-ipfilter@coombs.anu.edu.au
User-agent: Microsoft-Entourage/10.1.6.040913.0
I have an excerpt like this:

# **** hide the office from others ****
map en0 from 201.2.30.0/24 to any -> 201.3.34.25/32 proxy port ftp ftp/tcp
map en0 from 201.2.30.0/24 to any -> 201.3.34.25/32 portmap auto
map en0 from 201.2.30.0/24 to any -> 201.3.34.25/32
# end of office hiding

Which enables me to hide all the office traffic behind the address noted.  I
now have a need to leak the office traffic out to systems on the
201.3.34.24/29 LAN.

For example, traffic between 201.2.30.22 and 201.3.34.27 would not be NAT'd.

Is there a clever way to rewrite the rule to use !to or some sort of
boolean logic so I don't have to fully enumerate the 'any' in the above
example?

Thanks,

peter

