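# Enable IPv4 forwarding so this host can route (and NAT) traffic for the
# networks behind it. The original listing had these commands collapsed onto a
# single line; they are separate steps.

# Show the current value (0 = the host does not forward packets between interfaces).
sysctl net.inet.ip.forwarding

# Turn forwarding on in the running kernel. This setting is lost at reboot.
# Once it is on, the kernel forwards between all interfaces, so packet-filter
# rules should be in place to limit what is allowed to cross.
sysctl -w net.inet.ip.forwarding=1

# Keep an untouched copy of the config before editing
# (-p preserves mode and timestamps, -i asks before overwriting an existing copy).
cp -pi /etc/sysctl.conf /etc/sysctl.conf.dist
vi /etc/sysctl.conf

# Line to add to /etc/sysctl.conf so forwarding is enabled at every boot
# (this is file content, not a shell command):
net.inet.ip.forwarding=1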
Simple example
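vi /etc/ipnat.conf

# Contents of /etc/ipnat.conf (file content, not shell commands).
# PUBLIC_IF, SUBNET and PUBLIC_IP are placeholders for the outside interface,
# the internal network and the public address.
#
# Rule order matters: the first matching map rule is used, so the FTP proxy
# rule has to come before the portmap rule, and the plain rule goes last.

# 1. Hand FTP control connections (port ftp, over tcp) to the built-in ftp proxy.
map PUBLIC_IF SUBNET/24 -> PUBLIC_IP/32 proxy port ftp ftp/tcp
# 2. Translate all other TCP/UDP traffic, rewriting source ports into 10000:20000.
map PUBLIC_IF SUBNET/24 -> PUBLIC_IP/32 portmap tcp/udp 10000:20000
# 3. Translate whatever is left (protocols without ports, e.g. ICMP).
map PUBLIC_IF SUBNET/24 -> PUBLIC_IP/32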
Example with three different VLANs and redirections
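# /etc/ipnat.conf -- three internal subnets behind one public address on xennet1.
# SUBNET*, PUBLIC_IP, GATEWAY_IP and HOSTIP* are placeholders.
# The listing was collapsed onto one line; as written, everything after the first
# '#' would have been read as a comment. One rule per line is restored here.

# --- Outbound NAT (map) ---------------------------------------------------
# Per subnet: ftp proxy first, then portmap, then the catch-all; the first
# matching rule wins. Each subnet gets its own non-overlapping source-port
# range, so the translated source port shows which subnet a connection came from.
map xennet1 SUBNET/24 -> PUBLIC_IP/32 proxy port ftp ftp/tcp
map xennet1 SUBNET/24 -> PUBLIC_IP/32 portmap tcp/udp 10000:19999
map xennet1 SUBNET/24 -> PUBLIC_IP/32

map xennet1 SUBNET2/24 -> PUBLIC_IP/32 proxy port ftp ftp/tcp
map xennet1 SUBNET2/24 -> PUBLIC_IP/32 portmap tcp/udp 20000:29999
map xennet1 SUBNET2/24 -> PUBLIC_IP/32

map xennet1 SUBNET3/24 -> PUBLIC_IP/32 proxy port ftp ftp/tcp
map xennet1 SUBNET3/24 -> PUBLIC_IP/32 portmap tcp/udp 30000:39999
map xennet1 SUBNET3/24 -> PUBLIC_IP/32

# --- Inbound redirections (rdr) -------------------------------------------
# Each rdr publishes an internal service on PUBLIC_IP. ipnat only rewrites
# addresses and ports; it does not filter. Who may reach these ports has to be
# decided in the packet-filter rules (ipf.conf) or on the target hosts.
# NOTE(review): rules without a protocol keyword are understood to default to
# tcp -- confirm against ipnat(5) for the installed version.

#team5gw
rdr xennet1 PUBLIC_IP/32 port 2220 -> GATEWAY_IP port 2222

#lenovo
rdr xennet1 PUBLIC_IP/32 port 4444 -> HOSTIP1 port 4444
# Public 2222 is forwarded to port 22 on the host.
rdr xennet1 PUBLIC_IP/32 port 2222 -> HOSTIP1 port 22
rdr xennet1 PUBLIC_IP/32 port 52010 -> HOSTIP1 port 52010
#rdr xennet1 PUBLIC_IP/32 port 52001-52010 -> HOSTIP1 port 52001 tcp

#joomla
rdr xennet1 PUBLIC_IP/32 port 80 -> HOSTIP2 port 80
rdr xennet1 PUBLIC_IP/32 port 443 -> HOSTIP2 port 443

#jenkins
# NOTE(review): 8080 is presumably the cleartext listener and 8443 the TLS one;
# if so, consider publishing only 8443 or limiting source addresses in ipf.conf.
rdr xennet1 PUBLIC_IP/32 port 8080 -> HOSTIP3 port 8080
rdr xennet1 PUBLIC_IP/32 port 8443 -> HOSTIP3 port 8443
#rdr xennet1 PUBLIC_IP/32 port 45837 -> HOSTIP3 port 45837
rdr xennet1 PUBLIC_IP/32 port 45873 -> HOSTIP3 port 45873

#luke
# FTP control port plus a range of 1000 ports mapped one-to-one from 50000
# (presumably the server's passive-mode data range -- confirm it matches the
# range configured on HOSTIP4).
#rdr xennet1 PUBLIC_IP/32 port 20 -> HOSTIP4 port 20
rdr xennet1 PUBLIC_IP/32 port 21 -> HOSTIP4 port 21
rdr xennet1 PUBLIC_IP/32 port 50000-50999 -> HOSTIP4 port 50000 tcp

#nsdpub
# NOTE(review): no protocol is given, so this likely redirects DNS over TCP
# only. If queries over UDP should reach HOSTIP5 as well, the rule needs the
# tcp/udp keyword -- confirm the intent.
rdr xennet1 PUBLIC_IP/32 port 53 -> HOSTIP5 port 53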
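# Load the NAT rules at boot and apply them now. The original listing had the
# editor command, the rc.conf line and the restart collapsed onto one line.
vi /etc/rc.conf

# Line to add to /etc/rc.conf (file content, not a command to run):
# ipnat=yes only loads /etc/ipnat.conf; packet filtering is a separate service
# (ipfilter=yes with /etc/ipf.conf) and is what restricts the redirected ports.
ipnat=yes

# Reload the NAT rules; `ipnat -l` afterwards lists the rules that are active,
# which is a quick check that the file parsed as intended.
/etc/rc.d/ipnat restart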