From 46692547bc5d728eb5f3895c1a5b566b79f894dc Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Fri, 19 Mar 2004 02:49:10 +0000
Subject: [PATCH] Ready to test NETMAP

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1207 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall2/firewall |  2 +-
 Shorewall2/netmap   | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 Shorewall2/netmap

diff --git a/Shorewall2/firewall b/Shorewall2/firewall
index d248f58f3..6795046ad 100755
--- a/Shorewall2/firewall
+++ b/Shorewall2/firewall
@@ -1791,7 +1791,7 @@ setup_netmap() {
 		addnatrule $(input_chain $interface)  -d $net1 -j NETMAP --to $net2
 		;;
 	    SNAT)
-		addnatrule $(output_chain $interface) -s $net1 -j NETMAP --to $net2
+		addnatrule $(output_chain $interface) -d $net1 -j NETMAP --to $net2
 		;;
 	    *)
 		fatal_error "Unvalid type $type in entry \"$type $net1 $interface $net2\""
diff --git a/Shorewall2/netmap b/Shorewall2/netmap
new file mode 100644
index 000000000..b9f250422
--- /dev/null
+++ b/Shorewall2/netmap
@@ -0,0 +1,36 @@
+##############################################################################
+#
+# Shorewall 2.0  -- Network Mapping Table
+#
+# /etc/shorewall/netmap
+#
+#	This file is used to map a network on one interface to another
+#	different interface. For a /24 network, it is like having 256 entries
+#	in the /etc/shorewall/nat file.
+#
+#	WARNING: To use this file, your kernel and iptables must have
+#		 NETMAP support included.
+#
+# Columns must be separated by white space and are:
+#
+#	NET1		Network 1 in CIDR format (e.g., 192.168.1.0/24)
+#
+#	INTERFACE	The network interface to NET1. The interface must
+#			be defined in /etc/shorewall/interfaces.
+#
+#	NET2		Network 2 in CIDR format
+#
+# Example:
+#
+#	NET1		INTERFACE 	NET2
+#	192.168.1.0/24	eth0		10.1.1.0/24
+#
+#	Packets entering on eth0 with destination address 192.168.1.n will
+#	be modified to have destination IP address 10.1.1.n.
+#
+#	Packets leaving on eth0 with source IP address 10.1.1.n will be
+#	modified to have source IP address 192.168.1.n.
+##############################################################################
+#NET1			INTERFACE	NET2
+#
+#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE