Reference Manual

NAME

ppmap - specify permanent port mappings
SYNOPSIS
ppmap
ppmap apm
ppmap add tcp|udp port_range target [new_port] [ifn]
ppmap delete tcp|udp port_range [ifn]

 

...

DESCRIPTION
Command ppmap controls permanent port mapping. Permanent port mappings are used to make servers running on designated private machines accessible from the Internet. Per default, no servers other than those running under Windows on the NAT32 machine are accessible from the Internet.

If no argument is specified, the current state of the permanent port mapping table is printed as follows:

Index - the table index
Ifn - the interface to which the mapping applies
Proto - the protocol type (UDP or TCP)
Port range - the port number to be mapped
IPdst - the destination address (target) of the mapping
Ndp - the target port number
If the add argument is specified, four further arguments are required:

tcp or udp - the desired protocol
port_range - the port number range which a remote machine uses to reach a specified private host
target - the IP address or DNS name of the target machine
new_port - the starting port number at which the private machine listens (defaults to port_range)

An optional ifn argument can be specified if the mapping is to be restricted to a particular Internet interface.

Example: ppmap add tcp 80 192.168.1.10

The above command will make an HTTP daemon at port 80 on private host 192.168.1.10 accessible from the Internet via port 80 at the IP address of a NAT32 Internet interface.

Example: ppmap add tcp 30023 192.168.1.10 23

The above command will make a Telnet daemon at port 23 on private host 192.168.1.10 accessible from the Internet via port 30023 at the IP address of a NAT32 Internet interface.

Example: ppmap add udp 2000:2100 192.168.1.20 1000

The above command will map incoming UDP packets with port numbers in the range 2000 - 2100 to ports 1000 - 1100 on machine 192.168.1.20.

If the delete argument is specified, the entry for the specified protocol and port number range is deleted from the table. Hosts on the Internet then no longer have access to that server.

If the apm argument is specified, the state of the Auxiliary Port Mapping table is printed. This table contains details of currently established connections. An entry can be deleted from this table via the apmap command.

NOTES
Use Permanent Port Mapping with care because it gives external hosts access to servers on your private machines. Be sure you have set strong passwords on all services which you expose to the Internet.

You do not need to add Permanent Port Mappings for applications such as ICQ, which assume that UDP mappings are permanently stored in the Port Mapping Table of a NAT. See command umap for details on how to support such applications.

You do need to add Permanent Port Mappings for applications running on the NAT32 machine itself if the Host Transfer Mode is on (the default). In this case, the target address specified in the mapping must be 0.0.0.0.

If a target IP address is specified as *, then the current IP address of the interface over which the packet arrived is used in the mapping. In this case, the mapping table will display the value of the dmap environment variable (default 1.2.3.4).

If a target IP address is specified as mstcp, then the mapping will be to the local WINDOWS TCP/IP stack. In this case, the mapping table will display the target address as 0.0.0.0.

To make the ppmap commands persistent, place them in file user.txt, as that file is executed each time NAT32 starts.

SEE ALSO
amap, apmap, icmap, ipmap, pmap, sethtx, ukmap, umap