ѽ҉ᶬḳ℠ <vtol@xxxxxxx> wrote:
>
> > > map vpn {
> > > type inet_service : ipv4_addr
> > > elements = { 61023:179.x.x.x, 61023:172.25.120.2 }
> > The dport is the same.
> > A -> B mapping needs to be unique.
> >
> > What are you trying to do?
>
> WAN and LAN ports need to be different?
map says:
given input x, provide y
So, if input 61023, provide 179.x.x.x.
If input 61023, provide 172.25.120.2.
So, one input can only have one output.
> I would have thought that the
> different ips would provide the necessary uniqueness.
They are the result, not an input.
> I want upd traffic on WAN (ip 179.x.x.x) port 61023 to be
> forwarded/redirected to LAN (ip 172.25.120.2) port 61023.
ip daddr 179.x.x.x tcp dport 61023 dnat to 172.25.120.2
(its not clear to me if you actually want daddr or
ip saddr 179.x.x.x/8 tcp dport 61023 dnat to 172.25.120.2).
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
