>Basically, I'm at home right now and I should be able to walk 200 different >ports on the one static IP address and be able to access each of the 200 >different machines at the remote office. This is a simplified example. So you've got a "frontend" node with a ton of DNAT entries. Fine. >It works with the rules individually, but it ends up being about 800 rules >in the file. I was just hoping to trim it down a little. You could possible write yourself an enhanced DNAT that operates the way you want, i.e. dstaddr = 123.45.67.89 dstport = 8000-9000 DNAT to: dstaddr = 10.0.0.[s-port] dstport = 7000 Jan Engelhardt -- | Alphagate Systems, http://alphagate.hopto.org/
