--- On Wed, 9/17/08, Martin Toft <[EMAIL PROTECTED]> wrote: > You could do something like this if the local daemon > listens on port > 10000: > > ext_if="lo0" > ext_ip1="192.168.0.2" > ext_ip2="192.168.0.3" > host1="10.0.0.2" > host2="10.0.0.3" > > binat on $ext_if from $host1 to any -> $ext_ip1 > nat on $ext_if from $host2 to any -> $ext_ip2 > rdr on $ext_if inet proto tcp from any to $ext_ip2 port > 1:9999 -> $host2 > rdr on $ext_if inet proto tcp from any to $ext_ip2 port > 10001:65535 -> $host2 > rdr on $ext_if inet proto udp from any to $ext_ip2 -> > $host2 > rdr on $ext_if inet proto icmp from any to $ext_ip2 -> > $host2
Thanks very much for your solution. If I use static-port with the nat, then these rules essentially construct a binat with the exception as I described. Looks like this is the way I will have to go to accomplish what I asked for. Cheers.