FireBrick Portmapping: Difference between revisions

From AAISP Support Site
No edit summary
Line 1: Line 1:
[[File:2700-small.png|link=:Category:FireBrick]]

==Port Mapping==
==Port Mapping==
(Remember, NAT is evil!)
(Remember, NAT is evil!)

Revision as of 10:27, 28 Haziran 2013

2700-small.png

Port Mapping

(Remember, NAT is evil!)

Mapping is done under a rule-set, for example, here we happen to have a FireBrick that has a Native IP block from AAISP, and a Tunnel from TunnelBroker.net. We want to map one of the Tunneled IPs to a machine on our LAN which has been assigned one of our native IPv6 addresses from AAISP.

<rule-set name="Mapping Example">
    <rule name="HE to Web server" target-ip="2001:470:1F09:B40::2" target-port="80" set-target-ip="2001:8B0:1635::D685:64FF:FEC9:E630" target-port="80" set-nat="true" log="true"/>
</rule-set>

You can of course use IPv4 addresses, and map the public IP of your FireBrick to a natted RFC1918 IP on the LAN. See the manual for other elements of the <rule ...> tag.