Date: Thu, 4 Apr 2002 19:13:07 -0600 (CST) From: Nick Rogness <nick@rogness.net> To: Diego Linke - GAMK <linke@calnet.com.br> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Advanced routing Message-ID: <Pine.BSF.4.21.0204041901510.86383-100000@cody.jharris.com> In-Reply-To: <20020404101539.10b8f019.linke@calnet.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 4 Apr 2002, Diego Linke - GAMK wrote: > Hi All, > > My objective is, the machine 192.168.0.11 out via ADSL, and other > machines (192.168.0.X) out via link. > > My interfaces address: > xl0 - 200.200.200.5 (Link Router 200.200.200.1) > xl1 - 192.168.0.1 > xl2 - 192.168.200.8 (ADSL Router 192.168.200.254) > > Default gateway is 200.200.200.1 (link) > > ipnat.conf: > map xl2 192.168.0.11/32 -> 192.168.200.8/32 > map xl0 192.168.0.0/24 -> 200.200.200.5/32 > > ipf.conf: > pass out quick on xl0 to xl2:192.168.200.254 from 192.168.0.11/32 to > any > > The problem is the machine 192.168.0.11 the conection Time out... (not > conection to internet via ADSL). > > Do you have any idea ? > I'm not sure with ipfilter but this is a snap in ipfw (using the fwd command). Nat is not the solution because it does not "change routing info" for packets. It changes the source and/or destination within the packet. You need some facility in ipfilter that changes the next-hop address so the packet gets routed out interface xl2 instead of the default xl0. This is sometimes called "policy routing". Search ipfilters site for something similar. PS. I don't even know if IPFilter can do this. Nick Rogness <nick@rogness.net> - Don't mind me...I'm just sniffing your packets To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0204041901510.86383-100000>