Forum Discussion
sstafford
Dec 16, 2009Nimbostratus
Ok, think I've got it.
when CLIENT_ACCEPTED {
check to see if client ip is in the class
if { [matchclass [IP::client_addr] equals $::privateOnCampus] } {
Check to see if the remote ip is in the class
Since this is an outgoing connection, it will use IP::local_addr
if { [matchclass [IP::local_addr] equals $::offCampusServers] } {
if both of the above are correct, log it, and snat it
log local0. "Match [IP::client_addr] server [IP::local_addr]"
snat 152.19.240.2
} else {
if no match forward without address rewrite.
forward
}
}
}