From owner-freebsd-ipfw Sat Aug 3 17:21:14 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CB94837B400 for ; Sat, 3 Aug 2002 17:21:12 -0700 (PDT) Received: from relay04.esat.net (relay04.esat.net [193.95.141.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 51FA643E4A for ; Sat, 3 Aug 2002 17:21:12 -0700 (PDT) (envelope-from phil@ipac.ie) Received: from ipac-gw.cr001.ddm.esat.net (mail.rfc-networks.ie) [193.95.188.30] by relay04.esat.net with esmtp id 17b98x-0001P0-00; Sun, 04 Aug 2002 01:21:11 +0100 Received: from tear.domain (unknown [10.0.1.254]) by mail.rfc-networks.ie (Postfix) with ESMTP id 51E6954834 for ; Sun, 4 Aug 2002 00:25:09 +0100 (IST) Received: by tear.domain (Postfix, from userid 1000) id 9524121146; Sun, 4 Aug 2002 01:22:14 +0000 (GMT) Date: Sun, 4 Aug 2002 01:22:14 +0000 From: Philip Reynolds To: freebsd-ipfw@freebsd.org Subject: Re: "ipfw fwd" not working without static route? Message-ID: <20020804012214.B1711@rfc-networks.ie> Reply-To: philip.reynolds@rfc-networks.ie References: <20020801231035.B31318@rfc-networks.ie> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: ; from mailing@novaconnect.net on Fri, Aug 02, 2002 at 09:53:28AM -0400 X-Operating-System: FreeBSD 4.6-STABLE X-URL: http://www.rfc-networks.ie Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Matt Abraham 87 lines of wisdom included: > I think in my case, a better scenario would be that I still > want to have the meeting point in building A for everyone > EXCEPT those from say, the Purchasing department; those > indiviuals should go over to building B. OK, however there is currently no route from A to B, so noone can get through. > Now the use of static routes become problematic because the > route now only applies to packets that match a certain > criteria, namely having a source address of 172.17.1.5. If I > modify the netmasks on the box (and not use ipfw fwd), I > change the behaviour for all packets coming through...not > what I want to do. I still think you can do what do you want to do by using subnetting your network properly. Crist did suggest an alternative with a ``dummy'' route. Perhaps more details (including interfaces, IP addresses, network addresses, subnets etc.) would allow us to look at the actual design of the network (which is where I feel the flaw is). -- Philip Reynolds | Technical Director philip.reynolds@rfc-networks.ie | RFC Networks Ltd. http://www.rfc-networks.ie | +353 (0)1 8832063 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message