NAME
ipnat - user interface to the NAT subsystem
SYNOPSIS
ipnat
[
-dhlnrsvCF
]
[
-M core
]
[
-N system
]
-f <_f_i_l_e_n_a_m_e>
DESCRIPTION
iippnnaatt opens the filename given (treating "-" as stdin) and parses the
file for a set of rules which are to be added or removed from the IP NAT.
Each rule processed by iippnnaatt
is added to the kernels internal lists if there are no parsing problems.
Rules are added to the end of the internal lists, matching the order in
which they appear when given to iippnnaatt.
Note that
iippff((88))
must be enabled (with iippff --EE) before NAT is configured,
as the same kernel facilities are used for
NAT functionality. In addition, packet forwarding must be
enabled.
These details may be handled automatically when iippnnaatt is
run by rrcc at normal system startup.
See
ooppttiioonnss((44)),
ssyyssccttll((88)),
and
rrcc..ccoonnff((55))
for more information.
OPTIONS
-
-C
-
delete all entries in the current NAT rule listing (NAT rules)
-
-d
-
Enable printing of some extra debugging information.
-
-F
-
delete all active entries in the current NAT translation table (currently
active NAT mappings)
-
-h
-
Print number of hits for each MAP/Redirect filter.
-
-l
-
Show the list of current NAT table entry mappings.
-
-n
-
This flag (no-change) prevents iippff from actually making any ioctl
calls or doing anything which would alter the currently running kernel.
-
-r
-
Remove matching NAT rules rather than add them to the internal lists.
-
-s
-
Retrieve and display NAT statistics.
-
-v
-
Turn verbose mode on. Displays information relating to rule processing
and active rules/table entries.
FILES
/dev/ipnat
/usr/share/examples/ipf Directory with examples.
DIAGNOSTICS
iiooccttll((SSIIOOCCGGNNAATTSS)):: IInnppuutt//oouuttppuutt eerrrroorr Ensure that the necessary kernel
functionality is present and iippff enabled with iippff --EE.
SEE ALSO
ipnat(5), rc.conf(5), ipf(8), ipfstat(8)