On Tue, Nov 05, 2002 at 01:46:57PM +0000, Antony Riley wrote: > > map if1 from 192.168.193.0/24 to 217.206.128.224/27 -> 217.206.128.227/32 > proxy port ftp ftp/tcp > map if1 from 192.168.193.0/24 port < 1024 to 217.206.128.224/27 -> > 217.206.128.227/32 portmap tcp/udp 1:1023 > map if1 from 192.168.193.0/24 to 217.206.128.224/27 -> 217.206.128.227/32 > portmap tcp/udp auto > map if1 from 192.168.193.0/24 to 217.206.128.224/27 -> 217.206.128.227/32 > > > map if1 192.168.193.0/24 -> 217.206.130.227/32 proxy port ftp ftp/tcp > map if1 192.168.193.0/24 -> 217.206.130.227/32 portmap tcp/udp auto > map if1 192.168.193.0/24 -> 217.206.130.227/32 > [...]
> > MAP 192.168.0.206 <- -> 217.206.130.227 [217.206.128.226] > (this was for ping traffic, as far as I know). > > > It should have been: > MAP 192.168.0.206 <- -> 217.206.128.227 [217.206.128.226] > > > I just don't get how this could have managed to get into the state table with > the above ruleset. 192.168.0.206 is not in 192.168.193.0/24 -Guido
