pf and policy routing

Huzeyfe Onal huzeyfe.onal at gmail.com
Thu Jun 22 16:28:33 UTC 2006


Hi,

you can use PF's route-to options  for Policy routing..


On 6/22/06, Sébastien AVELINE <saveline at alinto.net> wrote:
> Hi,
>
> I would like to have some advises on pf. I'd like to use pf for
> clustering a firewall and using pfsync.
> Actually I use a Linux Box to do this. The problem is that I have
> specific rules for routing with iproute2 because I got a lot of
> different subnets with multi-homing. It seems that freebsd support
> policy routing only with ipfw.
> My question is : is it possible to use ipfw just for policy routing and
> pf just for packet filtering ?
> For example I want to to do something like that :
>
> I had a default gateway (a) but if I received a packet from subnet(c) to
> subnet(d) --> use an another default gateway(y)
>                                                                   a
> packet from subnet(a) to subnet(x) -->  use an another default gateway(y)
>
>
> I wonder if route-to of pf is good for my exemple or if I should try
> something else like ipfw for routing and pf for firewalling as I said
> above. Actually I'm using freebsd 6.1 for some tests.
>
> Thanx for your answers.
>
>
> Sebastien AVELINE
>
> _______________________________________________
> freebsd-pf at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-unsubscribe at freebsd.org"
>


-- 
Huzeyfe ÖNAL
+90 505 5260064
---
Ag Guvenligi Listesine uye oldunuz mu?
http://www.huzeyfe.net/netsec.html


More information about the freebsd-pf mailing list