Routing question

Leon Botes leon at trusc.net
Tue Jun 10 00:41:22 PDT 2003


Thanks for the ideas; however, I don't think they will work.

You see, the problem is, for example, this.
A connection from outside on the internet can only see the outside interface
1 - 196.15.149.64/26, hence the request is sent to that interface, which is
correct. However, and here's the problem: all replies from that interface are
sent out via outside interface 2 - 172.16.254.0/24, which is the NAT
interface and default gateway. So what I need to make the machine do is make
the machine send any reply back via the same route that it was received on.
Can this be done?

-----Original Message-----
From: Nathan Nieblas [mailto:nnieblas at microtosh.net]
Sent: 10 June 2003 09:08
To: leon at trusc.net; freebsd-questions at FreeBSD.ORG
Subject: Re: Routing question


You can probably get what you want by compiling IPDIVERT and IPFIREWALL into
your kernel.
Then running some rules, this may or may not be accurate:
ipfw add 100 divert 172.16.254.1 ip from 192.168.0.0/24 to any via out2
ipfw add 101 divert 196.15.149.65 ip from 196.15.149.64/26 to any via out1
ipfw add 102 divert 172.16.254.1 ip from 172.16.254.0/24 to any via out2

Anyway, you get the idea. Play with that for a while and let me know if I
helped any. You probably only need to use rule 101 or something very similar
to it.

Regards

----- Original Message -----
From: "Leon Botes" <leon at trusc.net>
To: <freebsd-questions at FreeBSD.ORG>
Sent: Monday, June 09, 2003 11:18 PM
Subject: Routing question


I have a box with three interface cards.
inside interface - 192.168.0.0/24
outside interface 1 - 196.15.149.64/26
outside interface 2 - 172.16.254.0/24
Inside connects to LAN with Windows PCs.
outside 1 permanently connected to ISP via WAN router with Diginet (T1 type
line) and is viewable from internet.
inside 2 connects to internet via DSL router using NAT; connection IP
changes daily.

What I want the box to do is send all outgoing requests that originated from
the box or the inside LAN out the outside interface 2, which it does by
setting default route.
However, when a connection originates from internet to the outside 1 interface
it must route its reply back via the same route and not via the outside
interface 2, which it is doing, hence making the box invisible to the outside.

PLEASE any suggestions?

_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
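
An added example, not part of either poster's message: one way to express "reply out the interface the request came in on" is source-based forwarding with ipfw's `fwd` action (on FreeBSD releases of that era this needs the IPFIREWALL_FORWARD kernel option) in place of the `divert` shown in the quoted reply. The three networks come from the thread; that 196.15.149.65 is the ISP router on outside interface 1 is an assumption, and the rule numbers and the helper name `emit_fwd_rules` are hypothetical.

```shell
#!/bin/sh
# Added example: print ipfw rules that send packets sourced from one uplink's
# subnet back out through that uplink's router instead of the default route.
# Networks are the three from the thread; the gateway's role is an assumption.
LOCAL_NETS="192.168.0.0/24 196.15.149.64/26 172.16.254.0/24"

# emit_fwd_rules START SKIPTO SRC_NET GATEWAY   (hypothetical helper)
emit_fwd_rules() {
    pr_rule=$1; pr_skip=$2; pr_src=$3; pr_gw=$4
    for pr_n in "$pr_rule" "$pr_skip"; do
        case "$pr_n" in
            ''|*[!0-9]*) echo "rule numbers must be numeric" >&2; return 2 ;;
        esac
    done
    if [ -z "$pr_src" ] || [ -z "$pr_gw" ]; then
        echo "source network and gateway are required" >&2; return 2
    fi
    # One skipto rule per directly connected network, then the fwd rule.
    pr_count=0
    for pr_net in $LOCAL_NETS; do pr_count=$((pr_count + 1)); done
    if [ "$pr_skip" -le $((pr_rule + pr_count)) ]; then
        echo "skipto target must come after the fwd rule" >&2; return 2
    fi
    # Traffic to directly connected networks must not be handed to the router.
    # skipto (not allow) keeps it subject to the rest of the ruleset.
    for pr_net in $LOCAL_NETS; do
        echo "ipfw add $pr_rule skipto $pr_skip ip from $pr_src to $pr_net"
        pr_rule=$((pr_rule + 1))
    done
    # Everything else sourced from this subnet leaves via its own router.
    echo "ipfw add $pr_rule fwd $pr_gw ip from $pr_src to any out"
}

# Constructed invocation using the outside interface 1 subnet from the thread.
emit_fwd_rules 100 300 196.15.149.64/26 196.15.149.65
```

The function only prints the commands, so they can be reviewed against the existing ruleset before being run as root.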



