Date: Tue, 22 Apr 1997 14:04:59 -0700 (PDT)
From: Chris Coleman
To: Darren Reed
cc: hackers@freebsd.org
Subject: Re: IPFILTER
In-Reply-To: <199701141257.MAA00330@mail.bb.cc.wa.us>

I am running IPNAT, and currently I have this as the only rule in my rule
set, so everyone comes back as the same person from the DNS.

    map fxp0 10.0.0.0/8 -> 208.8.136.10/32 portmap tcp/udp 10000:65000

I would like to split up the domain into 5 sections (according to
buildings) and map all the buildings separately to different IP addresses,
and have the last rule catch all of the other connections and run them
through the current IP address.

I tried to do this, but couldn't figure out how to make a rule to "catch
all" of the remaining ones. Do rules have precedence? What if I just want
to map one IP address to a specific IP address and catch all the rest
through the normal rules?

I am sure I am missing something.

--Thanks