<!-- include start from nat-rule.xml.i --> <tagNode name="rule"> <properties> <help>Rule number for NAT</help> <valueHelp> <format>u32:1-999999</format> <description>Number of NAT rule</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-999999"/> </constraint> <constraintErrorMessage>NAT rule number must be between 1 and 999999</constraintErrorMessage> </properties> <children> #include <include/generic-description.xml.i> <node name="destination"> <properties> <help>NAT destination parameters</help> </properties> <children> #include <include/nat-address.xml.i> #include <include/nat-port.xml.i> #include <include/firewall/source-destination-group.xml.i> </children> </node> #include <include/generic-disable-node.xml.i> #include <include/nat-exclude.xml.i> <leafNode name="log"> <properties> <help>NAT rule logging</help> <valueless/> </properties> </leafNode> <leafNode name="protocol"> <properties> <help>Protocol to NAT</help> <completionHelp> <list>all ip hopopt icmp igmp ggp ipencap st tcp egp igp pup udp tcp_udp hmp xns-idp rdp iso-tp4 dccp xtp ddp idpr-cmtp ipv6 ipv6-route ipv6-frag idrp rsvp gre esp ah skip ipv6-icmp ipv6-nonxt ipv6-opts rspf vmtp eigrp ospf ax.25 ipip etherip encap 99 pim ipcomp vrrp l2tp isis sctp fc mobility-header udplite mpls-in-ip manet hip shim6 wesp rohc</list> </completionHelp> <valueHelp> <format>all</format> <description>All IP protocols</description> </valueHelp> <valueHelp> <format>ip</format> <description>Internet Protocol, pseudo protocol number</description> </valueHelp> <valueHelp> <format>hopopt</format> <description>IPv6 Hop-by-Hop Option [RFC1883]</description> </valueHelp> <valueHelp> <format>icmp</format> <description>internet control message protocol</description> </valueHelp> <valueHelp> <format>igmp</format> <description>Internet Group Management</description> </valueHelp> <valueHelp> <format>ggp</format> <description>gateway-gateway protocol</description> </valueHelp> <valueHelp> <format>ipencap</format> <description>IP encapsulated in IP (officially IP)</description> </valueHelp> <valueHelp> <format>st</format> <description>ST datagram mode</description> </valueHelp> <valueHelp> <format>tcp</format> <description>transmission control protocol</description> </valueHelp> <valueHelp> <format>egp</format> <description>exterior gateway protocol</description> </valueHelp> <valueHelp> <format>igp</format> <description>any private interior gateway (Cisco)</description> </valueHelp> <valueHelp> <format>pup</format> <description>PARC universal packet protocol</description> </valueHelp> <valueHelp> <format>udp</format> <description>user datagram protocol</description> </valueHelp> <valueHelp> <format>tcp_udp</format> <description>Both TCP and UDP</description> </valueHelp> <valueHelp> <format>hmp</format> <description>host monitoring protocol</description> </valueHelp> <valueHelp> <format>xns-idp</format> <description>Xerox NS IDP</description> </valueHelp> <valueHelp> <format>rdp</format> <description>"reliable datagram" protocol</description> </valueHelp> <valueHelp> <format>iso-tp4</format> <description>ISO Transport Protocol class 4 [RFC905]</description> </valueHelp> <valueHelp> <format>dccp</format> <description>Datagram Congestion Control Prot. [RFC4340]</description> </valueHelp> <valueHelp> <format>xtp</format> <description>Xpress Transfer Protocol</description> </valueHelp> <valueHelp> <format>ddp</format> <description>Datagram Delivery Protocol</description> </valueHelp> <valueHelp> <format>idpr-cmtp</format> <description>IDPR Control Message Transport</description> </valueHelp> <valueHelp> <format>Ipv6</format> <description>Internet Protocol, version 6</description> </valueHelp> <valueHelp> <format>ipv6-route</format> <description>Routing Header for IPv6</description> </valueHelp> <valueHelp> <format>ipv6-frag</format> <description>Fragment Header for IPv6</description> </valueHelp> <valueHelp> <format>idrp</format> <description>Inter-Domain Routing Protocol</description> </valueHelp> <valueHelp> <format>rsvp</format> <description>Reservation Protocol</description> </valueHelp> <valueHelp> <format>gre</format> <description>General Routing Encapsulation</description> </valueHelp> <valueHelp> <format>esp</format> <description>Encap Security Payload [RFC2406]</description> </valueHelp> <valueHelp> <format>ah</format> <description>Authentication Header [RFC2402]</description> </valueHelp> <valueHelp> <format>skip</format> <description>SKIP</description> </valueHelp> <valueHelp> <format>ipv6-icmp</format> <description>ICMP for IPv6</description> </valueHelp> <valueHelp> <format>ipv6-nonxt</format> <description>No Next Header for IPv6</description> </valueHelp> <valueHelp> <format>ipv6-opts</format> <description>Destination Options for IPv6</description> </valueHelp> <valueHelp> <format>rspf</format> <description>Radio Shortest Path First (officially CPHB)</description> </valueHelp> <valueHelp> <format>vmtp</format> <description>Versatile Message Transport</description> </valueHelp> <valueHelp> <format>eigrp</format> <description>Enhanced Interior Routing Protocol (Cisco)</description> </valueHelp> <valueHelp> <format>ospf</format> <description>Open Shortest Path First IGP</description> </valueHelp> <valueHelp> <format>ax.25</format> <description>AX.25 frames</description> </valueHelp> <valueHelp> <format>ipip</format> <description>IP-within-IP Encapsulation Protocol</description> </valueHelp> <valueHelp> <format>etherip</format> <description>Ethernet-within-IP Encapsulation [RFC3378]</description> </valueHelp> <valueHelp> <format>encap</format> <description>Yet Another IP encapsulation [RFC1241]</description> </valueHelp> <valueHelp> <format>99</format> <description>Any private encryption scheme</description> </valueHelp> <valueHelp> <format>pim</format> <description>Protocol Independent Multicast</description> </valueHelp> <valueHelp> <format>ipcomp</format> <description>IP Payload Compression Protocol</description> </valueHelp> <valueHelp> <format>vrrp</format> <description>Virtual Router Redundancy Protocol [RFC5798]</description> </valueHelp> <valueHelp> <format>l2tp</format> <description>Layer Two Tunneling Protocol [RFC2661]</description> </valueHelp> <valueHelp> <format>isis</format> <description>IS-IS over IPv4</description> </valueHelp> <valueHelp> <format>sctp</format> <description>Stream Control Transmission Protocol</description> </valueHelp> <valueHelp> <format>fc</format> <description>Fibre Channel</description> </valueHelp> <valueHelp> <format>mobility-header</format> <description>Mobility Support for IPv6 [RFC3775]</description> </valueHelp> <valueHelp> <format>udplite</format> <description>UDP-Lite [RFC3828]</description> </valueHelp> <valueHelp> <format>mpls-in-ip</format> <description>MPLS-in-IP [RFC4023]</description> </valueHelp> <valueHelp> <format>manet</format> <description>MANET Protocols [RFC5498]</description> </valueHelp> <valueHelp> <format>hip</format> <description>Host Identity Protocol</description> </valueHelp> <valueHelp> <format>shim6</format> <description>Shim6 Protocol</description> </valueHelp> <valueHelp> <format>wesp</format> <description>Wrapped Encapsulating Security Payload</description> </valueHelp> <valueHelp> <format>rohc</format> <description>Robust Header Compression</description> </valueHelp> <valueHelp> <format>u32:0-255</format> <description>IP protocol number</description> </valueHelp> <constraint> <validator name="ip-protocol"/> </constraint> </properties> <defaultValue>all</defaultValue> </leafNode> <node name="source"> <properties> <help>NAT source parameters</help> </properties> <children> #include <include/nat-address.xml.i> #include <include/nat-port.xml.i> #include <include/firewall/source-destination-group.xml.i> </children> </node> </children> </tagNode> <!-- include end -->