SRFirewall/etc/ipv4/nat.conf

# Network Address Translation Rules
# Use this file to set up network address translation rules
# Use tabs or single space to separate
#
# <type> <src-interface> <src-address> <dst-interface> <dst-address> <custom>
#
# Type: Required ( SNAT | MASQ | NETMAP | ACCEPT)
# Source Interface: Optional, ignored by NETMAP ( interface name, aka eth0 )
# Source Address: Optional ( IP address with optional netmask )
# Destination Interface: Optional for all but MASQ ( interface name, aka eth0 )
# Destination Address: Required for all but MASQ and NETMAP ( IP address with optional netmask )
# Custom: Optional for all except NETMAP, set custom section after the source/dest and before ACCEPT/DROP
# Custom: Required for NETMAP, address to map TO, then all other custom options (see example)
# You can use '-' for optional fields
#============================================================
#<type> <src-interface> <src-address> <dst-interface> <dst-address> <custom>
#SNAT eth1 10.0.0.0/24 eth0 172.16.1.1
#MASQ - - eth0 -
#NETMAP - 192.168.0.0/24 vpn0 - 172.16.0.0/24
#^ ex: map src of 192.168.0.0/24 to 172.16.0.0/24 when it leaves via vpn0
2014-04-05 14:53:01 -06:00			`# Network Address Translation Rules`
			`# Use this file to set up network address translation rules`
			`# Use tabs or single space to separate`
			`#`
Beginning work on v2.1 2014-11-29 11:50:34 -07:00			`# <type> <src-interface> <src-address> <dst-interface> <dst-address> <custom>`
2014-04-05 14:53:01 -06:00			`#`
Beginning work on v2.1 2014-11-29 11:50:34 -07:00			`# Type: Required ( SNAT \| MASQ \| NETMAP \| ACCEPT)`
Refactor NETMAP a bit so it allows more flexibility with src and dst. Requires that the custom field starts with the --to address. 2020-01-01 12:53:42 -07:00			`# Source Interface: Optional, ignored by NETMAP ( interface name, aka eth0 )`
2014-04-05 14:53:01 -06:00			`# Source Address: Optional ( IP address with optional netmask )`
			`# Destination Interface: Optional for all but MASQ ( interface name, aka eth0 )`
Refactor NETMAP a bit so it allows more flexibility with src and dst. Requires that the custom field starts with the --to address. 2020-01-01 12:53:42 -07:00			`# Destination Address: Required for all but MASQ and NETMAP ( IP address with optional netmask )`
			`# Custom: Optional for all except NETMAP, set custom section after the source/dest and before ACCEPT/DROP`
			`# Custom: Required for NETMAP, address to map TO, then all other custom options (see example)`
2014-04-05 14:53:01 -06:00			`# You can use '-' for optional fields`
			`#============================================================`
Beginning work on v2.1 2014-11-29 11:50:34 -07:00			`#<type> <src-interface> <src-address> <dst-interface> <dst-address> <custom>`
2014-04-05 15:15:41 -06:00			`#SNAT eth1 10.0.0.0/24 eth0 172.16.1.1`
			`#MASQ - - eth0 -`
Refactor NETMAP a bit so it allows more flexibility with src and dst. Requires that the custom field starts with the --to address. 2020-01-01 12:53:42 -07:00			`#NETMAP - 192.168.0.0/24 vpn0 - 172.16.0.0/24`
			`#^ ex: map src of 192.168.0.0/24 to 172.16.0.0/24 when it leaves via vpn0`
2014-04-05 14:53:01 -06:00