NAME
ipnat - user interface to the NAT subsystem
SYNOPSIS
ipnat [
-dhlnrsvCF ] [
-M core ] [
-N system ]
-f
< filename>
DESCRIPTION
ipnat opens the filename given (treating "-" as stdin) and
parses the file for a set of rules which are to be added or removed from the
IP NAT.
Each rule processed by
ipnat is added to the kernels internal lists if
there are no parsing problems. Rules are added to the end of the internal
lists, matching the order in which they appear when given to
ipnat.
Note that if
ipf(8) is not enabled when NAT is configured, it will be
enabled automatically, as the same kernel facilities are used for NAT
functionality. In addition, packet forwarding must be enabled.
OPTIONS
- -C
- delete all entries in the current NAT rule listing (NAT
rules)
- -d
- Enable printing of some extra debugging information.
- -F
- delete all active entries in the current NAT translation
table (currently active NAT mappings)
- -h
- Print number of hits for each MAP/Redirect filter.
- -l
- Show the list of current NAT table entry mappings.
- -n
- This flag (no-change) prevents ipf from actually
making any ioctl calls or doing anything which would alter the currently
running kernel.
- -p
- This flag is used with the -r flag to cause any
active NAT sessions that were created by the rules being removed and that
are currently active to also be removed.
- -r
- Remove matching NAT rules rather than add them to the
internal lists.
- -s
- Retrieve and display NAT statistics.
- -v
- Turn verbose mode on. Displays information relating to rule
processing and active rules/table entries.
FILES
/dev/ipnat
/usr/share/examples/ipf Directory with examples.
SEE ALSO
ipnat(5), ipf(8), ipfstat(8)