NAT Inbound redirects
-
Was just trolling through the /tmp/rules.debug like a good sys admin
and found these bits in my NAT Inbound redirects section:

NAT Inbound redirects
rdr on $wireless proto tcp from any to any port { 25 } -> xxx.xxx.xxx.xxx port 25
rdr on $pppoe proto tcp from any to any port { 25 } -> xxx.xxx.xxx.xxx port 25
rdr on $lan proto tcp from any to any port { 25 } -> xxx.xxx.xxx.xxx port 25
no nat on vlan0 proto tcp from vlan0 to 10.4.2.32/29
nat on vlan0 proto tcp from 10.4.2.32/29 to xxx.xxx.xxx.xxx port 25 -> vlan0

I am cool with the rdrs as those are my rules, but the ones on vlan0 to do with nat and no nat have me stumped.
The rules on each interface are very much the same; the firewall is outbound only. Would love to know what they are for and why the other interfaces do not have them as well.
-
/* does this rule redirect back to a internal host?
 * if so, add some extra goo to help this work.
 */
$rule_friendly_if = convert_friendly_interface_to_real_interface_name($rule['interface']);
$rule_interface_ip = find_interface_ip($rule_friendly_if);
$rule_interface_subnet = $config['interfaces'][$rule['interface']]['subnet'];
$rule_subnet = gen_subnet($rule_interface_ip, $rule_interface_subnet);
if($rule['external-address'] == "any" and $rule['interface'] == "lan") {
    $natrules .= "\n";
    $natrules .= "no nat on {$rule_friendly_if} proto tcp from {$rule_friendly_if} to {$rule_subnet}/{$rule_interface_subnet}\n";
    $natrules .= "nat on {$rule_friendly_if} proto tcp from {$rule_subnet}/{$rule_interface_subnet} to {$target} port {$extport[0]} -> {$rule_friendly_if}\n";
}
-
OK, but the host is external, not internal. Oh well, it does not seem to create a problem.
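
An added example, not from the thread or from pfSense itself: a small Python audit over rules in the format quoted above that reports which rdr rules were emitted together with the extra no nat/nat pair. The address 192.0.2.25 is a constructed stand-in for the redacted target, and the mapping of $lan to vlan0 is an assumption inferred from the quoted output.

```python
import re

# Constructed sample in the shape of the rules quoted in the thread.
# 192.0.2.25 is a stand-in for the redacted xxx.xxx.xxx.xxx target.
SAMPLE_RULES = """\
rdr on $wireless proto tcp from any to any port { 25 } -> 192.0.2.25 port 25
rdr on $pppoe proto tcp from any to any port { 25 } -> 192.0.2.25 port 25
rdr on $lan proto tcp from any to any port { 25 } -> 192.0.2.25 port 25
no nat on vlan0 proto tcp from vlan0 to 10.4.2.32/29
nat on vlan0 proto tcp from 10.4.2.32/29 to 192.0.2.25 port 25 -> vlan0
"""

RDR = re.compile(r"^rdr on (\S+) proto (\S+) from \S+ to \S+ "
                 r"port \{ (\d+) \} -> (\S+) port (\d+)$")
NAT = re.compile(r"^nat on (\S+) proto (\S+) from (\S+) to (\S+) "
                 r"port (\d+) -> (\S+)$")
NONAT = re.compile(r"^no nat on (\S+) proto (\S+) from (\S+) to (\S+)$")


def audit(text, macros):
    """Pair each rdr rule with the reflection nat/no nat rules on its interface."""
    rdrs, nats, nonat_ifaces = [], [], set()
    for line in map(str.strip, text.splitlines()):
        if m := RDR.match(line):
            rdrs.append(m.groups())
        elif m := NAT.match(line):
            nats.append(m.groups())
        elif m := NONAT.match(line):
            nonat_ifaces.add(m.group(1))
    report = []
    for iface, proto, ext_port, target, _local_port in rdrs:
        real = macros.get(iface, iface)  # unresolved macros stay as written
        # Reflection nat: same interface, target and external port, with the
        # source translated to the interface's own address (-> <iface>).
        pair = [n for n in nats if (n[0], n[1], n[3], n[4], n[5])
                == (real, proto, target, ext_port, real)]
        report.append({
            "rdr_interface": iface,
            "reflection": bool(pair) and real in nonat_ifaces,
            # Traffic from these ranges that leaves via this interface for the
            # target gets the firewall's interface address as its source.
            "rewritten_sources": [n[2] for n in pair],
        })
    return report


if __name__ == "__main__":
    # Assumption: $lan expands to vlan0, inferred from the quoted output.
    for row in audit(SAMPLE_RULES, {"$lan": "vlan0"}):
        print(row)
```

Only the rule on the lan interface comes back with `reflection` set, which matches the `$rule['interface'] == "lan"` condition in the quoted generator code.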