Time for another question of my own.. ;) I have a large ipnat installation on one box, currently with over 500 rules. I'm trying to consolidate some of these rules; many of them are of the form:

    rdr if0 10.0.0.0/24 port 80 -> 192.168.0.1 port 80 tcp round-robin
    rdr if0 10.0.0.0/24 port 80 -> 192.168.0.2 port 80 tcp round-robin
    rdr if0 10.0.0.0/24 port 80 -> 192.168.0.3 port 80 tcp round-robin
    rdr if0 10.0.0.0/24 port 80 -> 192.168.0.4 port 80 tcp round-robin
    rdr if0 10.0.0.0/24 port 80 -> 192.168.0.5 port 80 tcp round-robin
    rdr if0 10.0.0.0/24 port 80 -> 192.168.0.6 port 80 tcp round-robin

The same thing is done for several T1s (the 10.0.0.0/24 blocks), for the "big three" services: http, smtp, dns. I can't change the architecture in play here, so this is just the way it has to be for now. Anyway, when trying to consolidate a block like the above to:

    rdr if0 10.0.0.0/24 port 80 -> 192.168.0.1,192.168.0.2,192.168.0.3 port 80 tcp round-robin

ipnat fails with:

    20: can't resolve hostname: 192.168.0.2,192.168.0.3
    20: syntax error in "rdr"

It works fine when only two IPs are used, such as:

    rdr if0 10.0.0.0/24 port 80 -> 192.168.0.1,192.168.0.2 port 80 tcp round-robin

But not with any more than two.. I'm guessing this is just a limitation of the current rule parser. Has it been fixed in CVS or anywhere else? If not, is there any intention of doing so?
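
An added example, not part of the original post or of IPFilter: because the post reports that the parser accepts two comma-separated destinations but not three, this Python script merges single-destination round-robin rdr rules that differ only in destination into two-destination rules, roughly halving the rule count. The sample rules (including the 10.0.1.0/24 smtp block and the .7 to .9 addresses) are constructed, and `consolidate` is a hypothetical helper name.

```python
import re
from collections import OrderedDict

# Constructed sample input in the rule form quoted in the post.
SAMPLE_RULES = """\
rdr if0 10.0.0.0/24 port 80 -> 192.168.0.1 port 80 tcp round-robin
rdr if0 10.0.0.0/24 port 80 -> 192.168.0.2 port 80 tcp round-robin
rdr if0 10.0.0.0/24 port 80 -> 192.168.0.3 port 80 tcp round-robin
rdr if0 10.0.0.0/24 port 80 -> 192.168.0.4 port 80 tcp round-robin
rdr if0 10.0.0.0/24 port 80 -> 192.168.0.5 port 80 tcp round-robin
rdr if0 10.0.0.0/24 port 80 -> 192.168.0.6 port 80 tcp round-robin
rdr if0 10.0.1.0/24 port 25 -> 192.168.0.7 port 25 tcp round-robin
rdr if0 10.0.1.0/24 port 25 -> 192.168.0.8 port 25 tcp round-robin
rdr if0 10.0.1.0/24 port 25 -> 192.168.0.9 port 25 tcp round-robin
"""

# Matches only single-destination round-robin rdr rules; all else passes through.
RDR = re.compile(
    r"^rdr\s+(?P<ifc>\S+)\s+(?P<src>\S+)\s+port\s+(?P<port>\S+)\s+->\s+"
    r"(?P<dst>[^\s,]+)\s+port\s+(?P<dport>\S+)\s+(?P<rest>.*\bround-robin\b.*)$"
)

def consolidate(text, per_rule=2):
    """Merge round-robin rdr rules that differ only in destination address."""
    groups = OrderedDict()   # match key -> destinations, in first-seen order
    layout = []              # keys and passthrough lines, in file order
    for raw in text.splitlines():
        line = raw.strip()
        m = RDR.match(line)
        if m is None:
            layout.append(line)      # comments, map rules, blank lines, etc.
            continue
        key = (m["ifc"], m["src"], m["port"], m["dport"], m["rest"])
        if key not in groups:
            groups[key] = []
            layout.append(key)       # group is emitted where it first appeared
        if m["dst"] not in groups[key]:
            groups[key].append(m["dst"])
    out = []
    for item in layout:
        if isinstance(item, str):
            out.append(item)
            continue
        ifc, src, port, dport, rest = item
        for i in range(0, len(groups[item]), per_rule):
            pair = ",".join(groups[item][i:i + per_rule])  # odd count leaves a single
            out.append(f"rdr {ifc} {src} port {port} -> {pair} port {dport} {rest}")
    return out
```

How ipnat spreads connections across the paired rules is not covered in the post, so compare the balancing against the original rule set before deploying the output.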
