Features in 8.0?
Matthew Seaman
m.seaman at infracaninophile.co.uk
Fri Nov 6 08:19:32 UTC 2009
Tonix (Antonio Nati) wrote:
> I'd like to know if these features are available in FreeBSD 8.0.
>
> * advanced routing (I miss the possibility to define routes based
> on sender IPs)
> * carpdev
Yes to both, if you enable pf. The advanced routing I think you're asking
about is generally described as 'policy based routing' -- look for the
documentation on the 'route-to' keyword in pf rulesets:
http://openbsd.org/faq/pf/pools.html#outgoing
If you implement CARP on a firewall pair, then you will need a carp0
pseudo interface -- this can be created and configured in /etc/rc.conf like
so:
cloned_interfaces="carp0"
ifconfig_carp0="vhid 100 pass ~not~telling~you~ 192.0.2.1/24"
FreeBSD-8.0 now also has the capability of using a per-application routing
table, so you can change the routes for (say) apache or squid independently
of what applies for the rest of the system. See setfib(1) for more
information, plus recent examples of implementing this in RC scripts on
the ports mailing list.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20091106/71f3e4c8/signature.pgp
More information about the freebsd-stable
mailing list