Date: Tue, 7 Apr 2009 14:32:16 +0200 From: Giuliano Gavazzi <dev+lists@humph.com> To: =?ISO-8859-1?Q?Z=F6ld?= <zgabe84@gmail.com> Cc: freebsd-ipfw@freebsd.org Subject: Re: FreeBSD 7.1 IPv6 multihoming problem Message-ID: <BBDAC3A2-0305-41C2-810A-D98C2041A94A@humph.com> In-Reply-To: <75e73d840904070137s4a76dea3o248b01c2bc1f2bff@mail.gmail.com> References: <22800054.post@talk.nabble.com> <49D27F5C.7030506@elischer.org> <54A338F9-D66C-4406-804C-7443798931C8@humph.com> <75e73d840904020202q28db47e6u663a9e0bfb32a6e@mail.gmail.com> <9173F1D4-5497-4D1D-B478-009A64E41B50@humph.com> <75e73d840904070137s4a76dea3o248b01c2bc1f2bff@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On T 7 Apr, 2009, at 10:37 , Z=F6ld wrote: > Hi all! > > I think my problem is solved. As I mentioned earlier the ipfw fwd =20 > hasn't got > any effect (under FreeBSD 7.1), but pf (packet filter) can forward =20 > among the > interfaces too. > > Here are the commands: > kldload pf > > /etc/pf.conf: > pass out quick route-to (interface1_name gateway1_address) from > interface1_address to any > pass out quick route-to (interface2_name gateway2_address) from > interface2_address to any > > pf -e -f /etc/pf.conf > > Now the packets leave the computer over the proper interface =20 > independent of > the default gateway. very good! unfortunately pf hasn't been ported to the macosx kernel =20 yet... Just a warning, on MacOS X I had kernel panics, when reloading rules, =20= in some place inherited from BSD (netinet/ip_fw2.c) and I think they =20 were triggered by a fwd to the default gateway. In other words, if a =20 packet does not need to be re-routed (that is it should go to the =20 default gateway), do not use a fwd, make it an allow rule instead =20 (don't know what this is called in pf... pass) as this will have the =20 same net effect. I might be completely wrong about this panic and =20 might not apply to FreeBSD or pf, of course, but still I see no point =20= in routing explicitly what will be routed correctly anyway. Giuliano=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BBDAC3A2-0305-41C2-810A-D98C2041A94A>