multihome network

Todor Dragnev todor.dragnev at gmail.com
Wed Nov 21 01:55:19 PST 2007 

On 19.11.2007, at 06:03, alexus wrote:

> how i can acomplish this with ipf? i have ipf on that box
>

Write this in ipf.rules:

   pass out quick on fxp0 to fxp1:$fxp1_gw from $fxp1_ip to any keep  
state

don't forget to replace $fxp1_*.

This solution can be also accomplished with IPFW, options  
IPFIREWALL_FORWARD.

> On Nov 16, 2007 4:45 PM, Todor Dragnev <todor.dragnev at gmail.com>  
> wrote:
>> Hi,
>>
>> you must use advanced routing, this is very easy on linux with
>> iproute2 but freebsd is far away for now(maybe forever) and you must
>> use pf or ipf for this situation.
>>
>> So, enable pf in rc.conf
>>   pf_enable="YES"
>>
>> Add this line to the end of pf.conf:
>>   pass out quick route-to (fxp1 $fxp1_gw) inet from $fxp1_ip to !
>> $fxp1_ip keep state
>>
>> Where $fxp1_gw must be your gateway on fxp1 interface and $fxp1_ip is
>> your IP address on fxp1.
>> Keep your default gateway via 192.168.1.1. With these settings you
>> can access both 192.168.1.1 and $fxp1_ip from outside.
>>
>> Regards,
>> Todor Dragnev
>>
>>
>> On 16.11.2007, at 07:18, alexus wrote:
>>
>>> Hello,
>>>
>>> I have two NICs on my box, one (primary) connected to switch and  
>>> have
>>> private IP. that IP also have a static route on Cisco PIX for
>>> accessing this box from outside. the other interface has public IP
>>> that is connected to another switch, i configure both IPs through
>>> /etc/rc.conf, but I can not for some reason access my box through  
>>> that
>>> public IP, no firewall rules would prevent me from doing so. here is
>>> my output for netstat -rn
>>>
>>> alexus# netstat -rn
>>> Routing tables
>>>
>>> Internet:
>>> Destination        Gateway            Flags    Refs      Use  Netif
>>> Expire
>>> default            192.168.1.1        UGS         0      250   fxp0
>>> 127.0.0.1          127.0.0.1          UH          0        2    lo0
>>> 192.168.1          link#1             UC          0        0   fxp0
>>> 192.168.1.1        00:0d:29:09:90:61  UHLW        2        2
>>> fxp0   1171
>>> 192.168.1.250      00:16:cb:94:10:e9  UHLW        1       12
>>> fxp0   1169
>>> 216.112.241.24/29  link#2             UC          0        0   fxp1
>>>
>>> Internet6:
>>> Destination                       Gateway                        
>>> Flags
>>>     Netif Expire
>>> ::1                               ::1
>>> UHL         lo0
>>> fe80::%lo0/64                     fe80::1%lo0
>>> U           lo0
>>> fe80::1%lo0                       link#4
>>> UHL         lo0
>>> ff01:4::/32                       fe80::1%lo0
>>> UC          lo0
>>> ff02::%lo0/32                     fe80::1%lo0
>>> UC          lo0
>>> alexus#
>>>
>>> what am I missing?
>>>
>>> --
>>> http://alexus.org/
>>
>>> _______________________________________________
>>> freebsd-questions at freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>>> To unsubscribe, send any mail to "freebsd-questions-
>>> unsubscribe at freebsd.org"
>>
>>
>
>
>
> -- 
> http://alexus.org/

More information about the freebsd-questions mailing list