Date: Wed, 26 Jun 2002 22:16:42 +0000 From: Baldur Gislason <baldur@foo.is> To: Matt Impett <M.Impett@flarion.com> Cc: freebsd-net@freebsd.org, freebsd-questions@freebsd.org Subject: Re: source address based routing Message-ID: <20020626221824.3F6942731@tesla.foo.is> In-Reply-To: <8C92E23A3E87FB479988285F9E22BE46FDE776@ftmail.lab.flarion.com> References: <8C92E23A3E87FB479988285F9E22BE46FDE776@ftmail.lab.flarion.com>
next in thread | previous in thread | raw e-mail | index | archive | help
That's simple, FreeBSD can do policy based routing with ipfw. you need to compile a kernel with: options IPFIREWALL options IPFIREWALL_FORWARD myself I prefer to have these too but they're not absolutely necessary: options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=100 options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT options DUMMYNET options BRIDGE Once we have a running kernel with the proper options, sysctl net.inet.ip.sourceroute=1 and use the ipfw fwd rules to set gateways based on policies. example: ipfw add fwd 192.168.1.1 ip from 172.20.0.0/24 to not 172.20.0.0/24 out makes 192.168.1.1 the next hop for any packet originating from 172.22.0.0/24 but destined outside 172.20.0.0/24 Baldur PS: man 8 ipfw and read http://www.freebsd.org/handbook and search http://www.google.com for further clues. On Wednesday 26 June 2002 20:30, you wrote: > Hello, > > I was wondering if it is possible to do pure source address based routing > under FreeBSD. What I really want to do is route packets from particular > source addresses to tunnels (gif devices) regardless of what the packet's > destination address is. > > thanks, > matt > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020626221824.3F6942731>