Translation rules

Adding a translation rule

Dynamic translation

  • Create the following dynamic translation rule:

 

CONFIG FILTER RULE INSERT index=9 type=nat state=on action=nat srctarget=Network_in srcif=in dsttarget=internet dstif=out natsrctarget=Firewall_out natsrcport=ephemeral_fw natsrcportlb=random position=1

CONFIG FILTER ACTIVATE

Static translation by port

  • Create the following static translation rule by port:

 

CONFIG FILTER RULE INSERT index=9 type=nat state=on action=nat srctarget=internet srcif=out dsttarget=Firewall_out dstport=http natdsttarget=web_srv natdstport=http position=2 loglevel=minor

CONFIG FILTER ACTIVATE

Static translation

  • Add the two following static translation rules:

 

CONFIG FILTER RULE INSERT index=9 type=nat state=on action=nat srctarget=srv_ftp srcif=in dsttarget=internet dstif=out natsrctarget=srv_ftp_pub natsrcarp=on natsrcport=any position=3

CONFIG FILTER RULE INSERT index=9 type=nat state=on action=nat srctarget=internet srcif=out dsttarget=srv_ftp_pub natdstarp=on dstport=any natdsttarget=srv_ftp natdstport=any position=4 loglevel=minor

CONFIG FILTER ACTIVATE