# $OpenBSD: ipnat.rules,v 1.2 1999/05/08 16:33:10 jason Exp $ #
# Template for firewall building:  10/1/2001
#
#  Replace $CAMPUS with the name of the external interface
#  device, e.g., ae1
#
#  Replace $INTERNAL-MYADDR with an actual local area network
#  IP address, e.g., 192.168.123.234
#
#  Replace $EXTERNAL-MYADDR with an assigned network
#  IP address, e.g., 123.21.123.234
#
# See /usr/share/ipf/nat.1 for examples.
# edit the ipnat= line in /etc/rc.conf to enable Network Address Translation
#
#map ppp0 10.0.0.0/8 -> ppp0/32 portmap tcp/udp 10000:20000
#
# need this proxy mapping to make FTP work
#
map $CAMPUS $INTERNAL-MYADDR/32 -> $EXTERNAL-MYADDR/32 proxy port ftp ftp/tcp
#
# repeat the ftp proxy mapping above for each set of
# $INTERNAL-MYADDR / $EXTERNAL-MYADDR pairs.
#
# the bidirectional mapping lets everything else work
#
bimap $CAMPUS $INTERNAL-MYADDR/32 -> $EXTERNAL-MYADDR/32
#
# repeat the bidirectional mapping above for each set of
# $INTERNAL-MYADDR / $EXTERNAL-MYADDR pairs.
#