Port Service Proxy


Port Service Proxy

This service subcommand establishes a service-specific relationship between an apparent IP Address/Port Number/Protocol (UDP or TCP) combination on a public interface and an actual IP Address/Port Number combination on a private interface.

Any service request from the public area that is addressed to the apparent IP Address/Port Number combination is redirected to the actual service provider on the private network. Conversely, all reply messages from the actual IP Address/Port Number/Protocol combination are rewritten to appear to originate at the apparent public combination. All affected checksums are recalculated in the messages before they are transmitted.

A special wildcard for the apparent IP Address is provided, to simplify maintenance of the startup configuration as the public address changes. By specifying an asterisk (*) for the apparent IP Address, you are actually specifying the “natural” IP Address of the interface, which has been set either in an ifconfig command, or has been negotiated during a PPP session setup.

Command Syntax

  service [int] port [app IP|*] [app port] [TCP|UDP] [act IP] [act port] {flags}

Where:

  • “int” is the NetNAT Interface on the “public” side (i.e. en0, tr0, ppp0)
  • “app IP” is the apparent IP Address for the offered service or * if the natural IP Address of the interface is to be used
  • “app port” is the apparent Port Number for the service
  • “TCP|UDP” must specify the protocol to use, either TCP or UDP
  • “act IP” is the actual IP Address of the real server
  • “act port” is the actual Port Number of the real service
  • “flags” is an optional hex value for monitoring and logging flags

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s