[SOLVED] Generic map, also with L4 protocol

Marc SCHAEFER <schaefer@xxxxxxxxxxx> · Fri, 28 Feb 2025 15:42:36 +0100

Hello,

The goal was to add the L4 protocol in a DNAT map which maps
an external IP and port to an internal (private) IP and
port, for external services mapping to internal services.

Thanks to Pablo Neira Ayuso:

>    map multihoming_ext {
>       type ipv4_addr . inet_service : ipv4_addr . inet_service

        type ipv4_addr . inet_proto . inet_service : ipv4_addr . inet_service

>       elements = {
>          46.140.72.218 . 8080  : 192.168.202.10 . 80,
>          193.72.186.130 . 8080 : 192.168.202.10 . 80
>       }
>    }

+         46.140.72.218  . tcp . 8080 : 192.168.202.10 . 80,
+         193.72.186.130 . tcp . 8080 : 192.168.202.10 . 80,
+         46.140.72.218  . udp . 5353 : 192.168.202.10 . 53

>       dnat ip addr . port to ip daddr . tcp dport map @multihoming_ext

        # @th: transport header; destination port
        dnat ip addr . port to ip daddr . meta l4proto . @th,16,16 map @multihoming_ext

I could test it and it works.