Le 16/09/2021 à 14:58, Pablo Neira Ayuso a écrit :
[...]
Keys uniquely identify an entry in a map, if you define two entries
with the same key, you hit this conflict interval error.
I see this like forward port:ip to port:anotherip
so you want to redirect all ports except a few of them?
add map x mymap { type ipv4_addr : ipv4_addr ; }
add rule x y ip protocol { tcp, udp } th dport 1-65534 dnat to ip saddr map @mymap
This allows you to dnat depending on the IP source address, skipping 0
and 65535 for TCP and UDP.
I'm not sure yet if this is what you need though
That's my goal, thanks !
--
Daniel
