I have an excerpt like this:

    # **** hide the office from others ****
    map en0 from 201.2.30.0/24 to any -> 201.3.34.25/32 proxy port ftp ftp/tcp
    map en0 from 201.2.30.0/24 to any -> 201.3.34.25/32 portmap auto
    map en0 from 201.2.30.0/24 to any -> 201.3.34.25/32
    # end of office hiding

Which enables me to hide all the office traffic behind the address noted. I now have a need to leak the office traffic out to systems on the 201.3.34.24/29 LAN. For example, traffic between 201.2.30.22 and 201.3.34.27 would not be NAT'd.

Is there a clever way to rewrite the rule to use !to or some sort of boolean logic so I don't have to fully enumerate the 'any' in the above example?

Thanks,
peter
