IPNAT(8)                                                              IPNAT(8)



NAME
       ipnat - user interface to the NAT subsystem

SYNOPSIS
       ipnat [ -dhlnrsvCF ] [ -M core ] [ -N system ] -f <filename>

DESCRIPTION
       ipnat  opens  the filename given (treating "-" as stdin) and parses the
       file for a set of rules which are to be added or removed  from  the  IP
       NAT.

       Each  rule processed by ipnat is added to the kernels internal lists if
       there are no parsing problems.  Rules are  added  to  the  end  of  the
       internal  lists,  matching the order in which they appear when given to
       ipnat.

       Note that ipf(8) must be enabled (with ipf -E) before  NAT  is  config-
       ured, as the same kernel facilities are used for NAT functionality.  In
       addition, packet forwarding must be enabled.  These details may be han-
       dled  automatically  when  ipnat is run by rc at normal system startup.
       See options(4), sysctl(8), and rc.conf(5) for more information.

OPTIONS
       -C     delete all entries in the current NAT rule listing (NAT rules)

       -d     Enable printing of some extra debugging information.

       -F     delete all active entries in the current NAT  translation  table
              (currently active NAT mappings)

       -h     Print number of hits for each MAP/Redirect filter.

       -l     Show the list of current NAT table entry mappings.

       -n     This  flag  (no-change)  prevents  ipf  from actually making any
              ioctl calls or doing anything which would  alter  the  currently
              running kernel.

       -r     Remove  matching  NAT rules rather than add them to the internal
              lists.

       -s     Retrieve and display NAT statistics.

       -v     Turn verbose mode on.  Displays  information  relating  to  rule
              processing and active rules/table entries.

FILES
       /dev/ipnat
       /usr/share/examples/ipf  Directory with examples.

DIAGNOSTICS
       ioctl(SIOCGNATS):  Input/output  error Ensure that the necessary kernel
       functionality is present and ipf enabled with ipf -E.

SEE ALSO
       ipnat(5), rc.conf(5), ipf(8), ipfstat(8)



                                                                      IPNAT(8)

You can also request any man page by name and (optionally) by section:

Command: 
Section: 
Architecture: 
Collection: 
 

Use the DEFAULT collection to view manual pages for third-party software.


©1994 Man-cgi 1.15, Panagiotis Christias <christia@softlab.ntua.gr>
©1996-2014 Modified for NetBSD by Kimmo Suominen