HP-UX IPFilter V17.05 Administrator Guide HP-UX 11i v2 and HP-UX 11i v3
# Interface to do the redirections on and the IP address which will be
# targeted.
#
interface lan0 192.168.1.1,2100
#
#
# NOTE: ORDER IS IMPORTANT IN THIS FILE
#
# Interface to do the redirections on and the IP address which will be
# targeted.
#
interface lan0 192.168.1.1,2100
#
connect timeout 1
connect frequency 20
#
# If no probe string is specified, a successful connection implies the
# server is still alive.
#
probe string GET /\n\n
#probe file http.check
#
response timeout 4
response string <HTML>
#response file http.ok
#
# Here we have multiple servers, listed because that's what happens to be
# used for testing of connect timeouts, read timeouts, success and things
# which don't connect.
#
remote server 192.168.1.2,23
remote server 192.168.1.2,2101
remote server 192.168.1.3,25
remote server 192.168.1.254,8000
remote server 192.168.1.1,9
6.5 Bidirectional mapping: bimap
The bimap keyword creates two map entries for the rule: one for inbound and one for outbound.
Unlike the map keyword, an initial inbound packet is not required to create the outbound rule.
The bimap keyword allows IPFilter to map IP addresses bidirectionally. You can use this when you
want the IP address of a particular device on the NAT-supported system to appear to have a
different IP address outside the system. For example:
bimap lan0 192.168.1.1/32 -> 20.20.20.1/32
In this example, the interface with IP address 192.168.1.1 on the NAT-supported system appears
to have the IP address 20.20.20.1 outside the system.
6.6 Loading NAT rules
To load IPFilter NAT rules:
1. Add NAT rules to the /etc/opt/ipf/ipnat.conf file, or to another NAT rules file you
select. See Section 10.2 (page 69) for information and instructions.
2. Use the following command to load the NAT rules manually:
ipnat -CF -f /etc/opt/ipf/ipnat.conf
This command flushes any current mappings and NAT rules, and reads NAT rules from the
specified rules file.
6.5 Bidirectional mapping: bimap 47