Policy routing with IPFW
Stephen Gill
gillsr at yahoo.com
Thu Apr 15 13:31:58 PDT 2004
Hi There,
I've been having an issue trying to figure out a way to policy route
outbound packets from a multihomed machine through the proper interface
using IPFW to no avail.
I've tried several different incantations of IPFW fwd/forward
statements, and none of them seem to do the trick.
Basically, I have a host that has multiple Internet connections. This
host is running FreeBSD 4.9 with the proper Kernel mods in place. I
have a single default route.
I would like to add rules to my ipfw firewall policy that would do the
following:
- All traffic sourced from Interface 1 (dc0) should go out gateway 1
- All traffic sourced from Interface 2 (dc1) should go out gateway 2
- All traffic destined to Interface 1 (dc0) should return out gateway 1
- All traffic destined to Interface 2 (dc1) should return out gateway 2
Gateway 1 is on dc0 and Gateway 2 is on dc1. I think you get the
picture.
Is this type of thing possible with IPFW? If not, is there any other
module that would allow me to do this? I don't care how ugly it gets,
just so long as it works.
Thanks in advance,
-- steve
__________________________________
Do you Yahoo!?
Yahoo! Tax Center - File online by April 15th
http://taxes.yahoo.com/filing.html
More information about the freebsd-security
mailing list