Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Custom nat from lan

    NAT
    3
    5
    2143
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      aldo last edited by

      i am trying to add a rule to interfaces.inc as the gui does not support it.
      where ever i add it it seems to strip out all my outbound nats

      can someone offer a solution of how or where i can put this.

      my ruleset is

      anchor "smtpredirection"
      table <smtpredirection>{  192.168.50.0/24 }
      rdr on {$lanif} proto tcp from <smtpredirection>to any port 25 -> 10.250.3.36
      nat on {$lanif} proto tcp from <smtpredirection>to any port 25 -> {$lanif}

      my syntax was

      /* anchor the outbound nat rules */
      $natrules = "# outbound email rules for spam trap\n";
      $natrules .= "table <smtpredirection>{  192.168.50.0/24 }\n";
      $natrules .= "rdr on {$lanif} proto tcp from <smtpredirection>to any port 25 -> 10.250.3.36\n";
      $natrules .= "nat on {$lanif} proto tcp from <smtpredirection>to any port 25 -> {$lanif}\n";</smtpredirection></smtpredirection></smtpredirection></smtpredirection></smtpredirection></smtpredirection>

      1 Reply Last reply Reply Quote 0
      • H
        hoba last edited by

        You can setup these kind of portforwards from the gui. Set it up as portforward on interface LAN with "external adress" any.

        1 Reply Last reply Reply Quote 0
        • S
          sai last edited by

          The portforward option is in  Firewall: NAT: Port Forward

          1 Reply Last reply Reply Quote 0
          • A
            aldo last edited by

            but what i want to do is this

            < 192.168.50.1/32 192.168.50.2/32 192.168.50.128/25 >

            and the rest of the clients dont get natted by the smtp rule

            1 Reply Last reply Reply Quote 0
            • H
              hoba last edited by

              That is sourcebased natting which is not supported atm.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post