FireBrick Portmapping: Difference between revisions
No edit summary |
|||
Line 1: | Line 1: | ||
[[File:2700-small.png|link=:Category:FireBrick]] |
|||
==Port Mapping== |
==Port Mapping== |
||
(Remember, NAT is evil!) |
(Remember, NAT is evil!) |
Revision as of 10:27, 28 Haziran 2013
Port Mapping
(Remember, NAT is evil!)
Mapping is done under a rule-set, for example, here we happen to have a FireBrick that has a Native IP block from AAISP, and a Tunnel from TunnelBroker.net. We want to map one of the Tunneled IPs to a machine on our LAN which has been assigned one of our native IPv6 addresses from AAISP.
<rule-set name="Mapping Example">
<rule name="HE to Web server" target-ip="2001:470:1F09:B40::2" target-port="80" set-target-ip="2001:8B0:1635::D685:64FF:FEC9:E630" target-port="80" set-nat="true" log="true"/>
</rule-set>
You can of course use IPv4 addresses, and map the public IP of your FireBrick to a natted RFC1918 IP on the LAN. See the manual for other elements of the <rule ...> tag.