Start the IP forwarding and routing services

 

routeadm -u -e ip4-forwarding

routeadm -u -e ip4-routing

 

Then create the following configuration files

 

/etc/ipf/ipf.conf

# Filtering Redirected Services
# Combine filtering and address translation to provide a service only to
# known hosts behind the NAT system. To provide a print server behind the
# iDMZ server's ext-nic (which is really int-printer-nic on the core
# network) for pershing-nic, use the following rule:

pass in on ext-nic proto tcp from edmz-address/netmask to int-printer-nic port = 515 flags S keep state

 

/etc/ipf/iu.ap

ifname      -1    0     pfil

 

/etc/ipf/ipnat.conf

 

# Whenever a packet goes out the int-nic interface with a source address
# matching the CIDR network mask of pershing-nic, this packet will be
# rewritten within the IP stack such that its source address is int-nic,
# and it will be sent on to its original destination. The system also keeps
# a list of the translated connections in progress so that it can perform
# the reverse and remap the response (which will be directed to int-nic) to
# the internal host that really generated the packet.

 

map int-nic pershing-nic/netmask -> int-ip-address/netmask

 

# Use the redirection facilities of NAT to solve this problem by instructing
# it to remap any connections destined for ext-nic to really point to
# int-printer-nic.

 

rdr ext-nic 0.0.0.0/0 port 9101 -> int-printer-address port 515

rdr ext-nic 0.0.0.0/0 port 9102 -> int-printer-address port 515

rdr ext-nic 0.0.0.0/0 port 9103 -> int-printer-address port 515

 

 

Then issue the following commands to make the changes effective

 

ipf -E

 

ipf -f /etc/ipf/ipf.conf

 

ipnat -F

 

ipnat -f /etc/ipf/ipnat.conf
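
Added example (not part of the original procedure): a shell lint check that pairs each rdr rule in ipnat.conf with a "pass in" rule in ipf.conf for the translated port, since IP Filter applies rdr before the filter rules on inbound packets. The function names and the extra port 9100 rule are constructed for illustration; the other rules are the placeholders used above.

```sh
#!/bin/sh
# Added example (not from the original page). Inbound, IP Filter applies rdr
# before the filter rules, so ipf.conf must pass the *translated* port.

# check_rdr_filtered IPF_CONF IPNAT_CONF
# Reports each rdr rule as OK, OPEN (source "any") or UNFILTERED (no pass rule).
# Returns 1 if any rule is OPEN or UNFILTERED.
check_rdr_filtered() {
    awk '
        # First file (ipf.conf): index "pass in" rules by interface:port.
        NR == FNR {
            if ($1 != "pass" || $2 != "in") next
            ifc = ""; src = ""; port = ""
            for (i = 3; i < NF; i++) {
                if ($i == "on")   ifc = $(i + 1)
                if ($i == "from") src = $(i + 1)
                if ($i == "port" && $(i + 1) == "=") port = $(i + 2)
            }
            if (ifc != "" && port != "") allow[ifc ":" port] = src
            next
        }
        # Second file (ipnat.conf): rdr IFACE ADDR/MASK port N -> ADDR port M
        $1 == "rdr" {
            key = $2 ":" $NF
            if (!(key in allow))          { print "UNFILTERED " $0; bad = 1 }
            else if (allow[key] == "any") { print "OPEN " $0; bad = 1 }
            else print "OK " $0 " (from " allow[key] ")"
        }
        END { exit bad + 0 }
    ' "$1" "$2"
}

# write_samples DIR: the rules from this page (placeholders kept as tokens)
# plus one constructed rdr (port 9100) that has no matching filter rule.
write_samples() {
    cat > "$1/ipf.conf" <<'EOF'
pass in on ext-nic proto tcp from edmz-address/netmask to int-printer-nic port = 515 flags S keep state
EOF
    cat > "$1/ipnat.conf" <<'EOF'
rdr ext-nic 0.0.0.0/0 port 9101 -> int-printer-address port 515
rdr ext-nic 0.0.0.0/0 port 9102 -> int-printer-address port 515
rdr ext-nic 0.0.0.0/0 port 9103 -> int-printer-address port 515
rdr ext-nic 0.0.0.0/0 port 9100 -> int-printer-address port 9100
EOF
}

tmp=$(mktemp -d) && write_samples "$tmp"
check_rdr_filtered "$tmp/ipf.conf" "$tmp/ipnat.conf" || echo "review flagged rdr rules"
rm -rf "$tmp"
```

The check only pairs rules; it does not verify that ipf.conf also blocks everything else arriving on ext-nic, which the pass rule needs in order to restrict anything.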