Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 3 Aug 2007 11:20:34 -0700
From:      "Rudy Setiawan" <rudal999@gmail.com>
To:        "Julian Elischer" <julian@elischer.org>
Cc:        freebsd-ipfw@freebsd.org
Subject:   Re: redirect traffic based on destination port to another interface
Message-ID:  <8b24e4de0708031120n210f97ebj3f992ad7a757075e@mail.gmail.com>
In-Reply-To: <46B2817C.6010609@elischer.org>
References:  <8b24e4de0708021606h5bbee266xb3a4814962d26643@mail.gmail.com> <46B2817C.6010609@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 8/2/07, Julian Elischer <julian@elischer.org> wrote:
> Rudy Setiawan wrote:
> > Hi,
> >
> > I am trying to do a traffic redirection based on destination port to
> > another interface/gateway.
> > Currently, I have a freebsd box that does simple NAT and an Internet connection.
> > I am planning to install another internet connection and use the same
> > box to do some traffic redirection.
> >
> >
> > INTERNET1 -------- freebsd box ------- INTERNET2
> >                                  |
> >                                  |
> >                        Local Area Network
> >
> > LAN = 192.168.10.0/24 with interface em0
> > INTERNET1-GW = x.x.x.1 with em1
> > INTERNET2-GW = y.y.y.1 with rl0
> >
> > My goal is to redirect any ssh traffic to INTERNET2-GW and I assume
> > that if it can be redirected through INTERNET2-GW then the packets
> > return will go through INTERNET2-GW also.
> >
>
> no, unless you first NAT the packets with the address of that interface.
> (otherwise the packets will come back through your primary network).
> if yo have cheep dlink or linksys or whatever DSL routers or whatever with NAT
> on them then you can use that successfully and just use ipfw 'fwd' rules to select the interface to use.

I see, hmm are you suggesting that the linksys should be placed
between the freebsd firewall and the internet? Then do a ipfw fwd
rules to in freebsd to select which interface to go and linksys will
do all the NAT-ing for those packets respectiveily right?

Thank you.

Regards,
Rudy
-- 
+++++++++
http://foodblog.rudal.com

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8b24e4de0708031120n210f97ebj3f992ad7a757075e>