Date: Wed, 10 Jun 1998 10:42:26 -0700 (PDT) From: "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com> To: julian@whistle.com (Julian Elischer) Cc: current@FreeBSD.ORG Subject: Re: Annnonce: Transparent proxy patches Message-ID: <199806101742.KAA14488@GndRsh.aac.dev.com> In-Reply-To: <357EBEF4.33590565@whistle.com> from Julian Elischer at "Jun 10, 98 10:14:28 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> Rodney W. Grimes wrote: > > > > > > > > Chrisy Luke <chrisy@flix.net> posted a mixed set of patches > > > recently that added the ability to do transparent proxying ... > > or does the code have this ability? And/or do you need to be > > more specific about protocols/ports? > > If you don't specify a new > port, it will use the originally specified port. Of course ports only > make sense for local diversions as the packet is not altered, > so once it has left this machine, the diversion is finished. > > You can only specify a target by IP address, but yes, if you had 2 > default routes, you could easily do this.. > so it would look like: > > ipfw add 2 fwd isp1-gw ip from X.X.X.0/24 to any > ipfw add 2 fwd isp2-gw ip from Y.Y.Y.0/24 to any > > (of course the OTHER part of Chrisy's patch (mpath) does this > even better by allowing you to specify multiple default routes > and letting the system multiplex on them.. Thats kinda what we are looking for, but the situation is a little different. Is what we really need (and it sounds like the combination of the multipath code and fwd rules could do it) is the ability to have multiple default routes, but choose which default route to use based on source ip address, unless that interface is down or inoperative. I guess we need to grab the code and go play with it for a day or two and see if it can do what I think it could do for us. > > -- > > Rod Grimes - KD7CAX - (RWG25) > > hmm KD7CAX, > I didn't know you were a HAM.. Is this new or old? New, very new... -- Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.aac.dev.com Accurate Automation, Inc. Reliable computers for FreeBSD http://www.aai.dnsmgr.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199806101742.KAA14488>