Forum Discussion
jdscrymgeour_42
Nov 22, 2011Nimbostratus
source port translation/ port pool
I need to either restrict the source ports used when snatting to specific ports per rule or set up a pool for a specific SNAT, I cannot see if this is possible to do if anyone can help?
Thanks
James
- nitassEmployeeis it something like this? or do i misunderstand what you are asking?
[root@ve1023:Active] config b virtual bar list virtual bar { snat automap pool foo destination 172.28.19.79:80 ip protocol 6 rules myrule } [root@ve1023:Active] config b pool foo list pool foo { members 200.200.200.101:80 {} } [root@ve1023:Active] config b rule myrule list rule myrule { when CLIENT_ACCEPTED { if {[IP::addr [IP::client_addr] equals 172.28.19.251/32]}{ snat 200.200.200.222 2222 } } } [root@ve1023:Active] config b snat translation list snat translation 200.200.200.222 {} [root@ve1023:Active] config tcpdump -nni 0.0 port 80 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on 0.0, link-type EN10MB (Ethernet), capture size 108 bytes 17:33:08.241129 IP 172.28.19.251.36749 > 172.28.19.79.80: S 87059803:87059803(0) win 5840 17:33:08.241177 IP 172.28.19.79.80 > 172.28.19.251.36749: S 3835525115:3835525115(0) ack 87059804 win 4380 17:33:08.241895 IP 172.28.19.251.36749 > 172.28.19.79.80: . ack 1 win 46 17:33:08.241971 IP 200.200.200.222.2222 > 200.200.200.101.80: S 3823560177:3823560177(0) win 4380 17:33:08.241977 IP 172.28.19.251.36749 > 172.28.19.79.80: P 1:156(155) ack 1 win 46 17:33:08.243959 IP 200.200.200.101.80 > 200.200.200.222.2222: S 2304621412:2304621412(0) ack 3823560178 win 5792 17:33:08.243972 IP 200.200.200.222.2222 > 200.200.200.101.80: . ack 1 win 4380 17:33:08.243985 IP 200.200.200.222.2222 > 200.200.200.101.80: P 1:156(155) ack 1 win 4380 17:33:08.244979 IP 200.200.200.101.80 > 200.200.200.222.2222: . ack 156 win 54 17:33:08.246933 IP 200.200.200.101.80 > 200.200.200.222.2222: P 1:263(262) ack 156 win 54 17:33:08.246944 IP 172.28.19.79.80 > 172.28.19.251.36749: P 1:263(262) ack 156 win 4535 17:33:08.246948 IP 200.200.200.101.80 > 200.200.200.222.2222: F 263:263(0) ack 156 win 54 17:33:08.246954 IP 200.200.200.222.2222 > 200.200.200.101.80: . ack 264 win 4642 17:33:08.246958 IP 172.28.19.79.80 > 172.28.19.251.36749: F 263:263(0) ack 156 win 4535 17:33:08.247870 IP 172.28.19.251.36749 > 172.28.19.79.80: . ack 263 win 54 17:33:08.248824 IP 172.28.19.251.36749 > 172.28.19.79.80: F 156:156(0) ack 264 win 54 17:33:08.248842 IP 172.28.19.79.80 > 172.28.19.251.36749: . ack 157 win 4535 17:33:08.248847 IP 200.200.200.222.2222 > 200.200.200.101.80: F 156:156(0) ack 264 win 4642 17:33:08.249822 IP 200.200.200.101.80 > 200.200.200.222.2222: . ack 157 win 54
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects