Source Routing
Paul Schenkeveld
fb-net at psconsult.nl
Wed Dec 31 05:00:17 PST 2003
On Wed, Dec 31, 2003 at 03:48:11AM -0800, afshin wrote:
> You know I Use ipf with for example pass xl1:1.2.3.4
> from 1.2.3.5/24 to any
> BUT, The Problem is that when I use this, the 1.2.3.5
> cannot access the local IPs,
> Without looking at routing tables of the router it
> QUICKLY passes it to the NEW gateway.
FWIW, I usually do all filtering using ipf but at one site I'm
administering I had to do source routing so I implemented the routing
part with ipfw and the (stateful) filtering with ipf. This works great
there. If needed, I can dig up some config next week and post it here.
Regards,
Paul Schenkeveld, Consultant
PSconsult ICT Services BV
> Thanks
> AFShhin
>
>
> --- Ruslan Ermilov <ru at FreeBSD.org> wrote:
> > On Tue, Dec 30, 2003 at 11:25:46AM -0800, afshin
> > wrote:
> > >
> > > > What is missing in ipfw(8) and its ``fwd''
> > option
> > > > from being a
> > > > successful implementation of policy routing?
> > > >
> > > > - by using the match probability feature, you
> > can
> > > > implement
> > > > the equal-access routing;
> > > >
> > > > - by checking the source IP adress, you can
> > > > implement
> > > > the source-sensitive routing;
> > > >
> > > > - by checking the IP TOS field, you can
> > implement
> > > > the
> > > > quality-of-service routing;
> > > >
> > > > - etc.
> > > >
> > >
> > > Dear Ruslan,
> > > Yes, That is what I really want, But it didn't
> > worked
> > > when I tried it.
> > > Would you mind please give me an working example
> > of it
> > > ?
> > > Really thank you all in advance,
> > > AFShin (AAS)
> > >
> > Sorry, but I don't have one to share. Those that I
> > have
> > are proprietary. But we could work with your
> > examples
> > to a level to make them work. ;)
> >
> >
> > Cheers,
> > --
> > Ruslan Ermilov
> > FreeBSD committer
> > ru at FreeBSD.org
> >
>
> > ATTACHMENT part 2 application/pgp-signature
>
>
>
> __________________________________
> Do you Yahoo!?
> Find out what made the Top Yahoo! Searches of 2003
> http://search.yahoo.com/top2003
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
More information about the freebsd-net
mailing list