# Network Address Translation Rules
# Use this file to set up network address translation rules
# Use tabs or single space to separate
#
# <type> <src-interface> <src-address> <dst-interface> <dst-address> <custom>
#
# Type: Required ( SNAT | MASQ | NETMAP | ACCEPT)
# Source Interface: Optional, ignored by NETMAP ( interface name, aka eth0 )
# Source Address: Optional ( IP address with optional netmask )
# Destination Interface: Optional for all but MASQ ( interface name, aka eth0 )
# Destination Address: Required for all but MASQ and NETMAP ( IP address with optional netmask )
# Custom: Optional for all except NETMAP, set custom section after the source/dest and before ACCEPT/DROP
# Custom: Required for NETMAP, address to map TO, then all other custom options (see example)
# You can use '-' for optional fields
#============================================================
#<type> <src-interface> <src-address> <dst-interface> <dst-address> <custom>
#SNAT eth1 10.0.0.0/24 eth0 172.16.1.1
#MASQ - - eth0 -
#NETMAP - 192.168.0.0/24 vpn0 - 172.16.0.0/24
#^ ex: map src of 192.168.0.0/24 to 172.16.0.0/24 when it leaves via vpn0