83 lines
2.0 KiB
Groff
83 lines
2.0 KiB
Groff
.\" $NetBSD: ipnat.8,v 1.10 2006/05/29 16:09:46 chap Exp $
|
|
.\"
|
|
.TH IPNAT 8
|
|
.SH NAME
|
|
ipnat \- user interface to the NAT subsystem
|
|
.SH SYNOPSIS
|
|
.B ipnat
|
|
[
|
|
.B \-dhlnrsvCF
|
|
]
|
|
[
|
|
.B \-M core
|
|
]
|
|
[
|
|
.B \-N system
|
|
]
|
|
.B \-f <\fIfilename\fP>
|
|
.SH DESCRIPTION
|
|
.PP
|
|
\fBipnat\fP opens the filename given (treating "\-" as stdin) and parses the
|
|
file for a set of rules which are to be added or removed from the IP NAT.
|
|
.PP
|
|
Each rule processed by \fBipnat\fP
|
|
is added to the kernels internal lists if there are no parsing problems.
|
|
Rules are added to the end of the internal lists, matching the order in
|
|
which they appear when given to \fBipnat\fP.
|
|
.PP
|
|
Note that
|
|
\fBipf(8)\fP
|
|
must be enabled (with \fBipf -E\fP) before NAT is configured,
|
|
as the same kernel facilities are used for
|
|
NAT functionality. In addition, packet forwarding must be
|
|
enabled.
|
|
These details may be handled automatically when \fBipnat\fP is
|
|
run by \fBrc\fP at normal system startup.
|
|
See
|
|
\fBoptions(4)\fP,
|
|
\fBsysctl(8)\fP,
|
|
and
|
|
\fBrc.conf(5)\fP
|
|
for more information.
|
|
.SH OPTIONS
|
|
.TP
|
|
.B \-C
|
|
delete all entries in the current NAT rule listing (NAT rules)
|
|
.TP
|
|
.B \-d
|
|
Enable printing of some extra debugging information.
|
|
.TP
|
|
.B \-F
|
|
delete all active entries in the current NAT translation table (currently
|
|
active NAT mappings)
|
|
.TP
|
|
.B \-h
|
|
Print number of hits for each MAP/Redirect filter.
|
|
.TP
|
|
.B \-l
|
|
Show the list of current NAT table entry mappings.
|
|
.TP
|
|
.B \-n
|
|
This flag (no-change) prevents \fBipf\fP from actually making any ioctl
|
|
calls or doing anything which would alter the currently running kernel.
|
|
.TP
|
|
.B \-r
|
|
Remove matching NAT rules rather than add them to the internal lists.
|
|
.TP
|
|
.B \-s
|
|
Retrieve and display NAT statistics.
|
|
.TP
|
|
.B \-v
|
|
Turn verbose mode on. Displays information relating to rule processing
|
|
and active rules/table entries.
|
|
.DT
|
|
.SH FILES
|
|
/dev/ipnat
|
|
.br
|
|
/usr/share/examples/ipf Directory with examples.
|
|
.SH DIAGNOSTICS
|
|
\fBioctl(SIOCGNATS): Input/output error\fP Ensure that the necessary kernel
|
|
functionality is present and \fBipf\fP enabled with \fBipf -E\fP.
|
|
.SH SEE ALSO
|
|
ipnat(5), rc.conf(5), ipf(8), ipfstat(8)
|