From owner-freebsd-current  Wed Jun 10 10:43:43 1998
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id KAA25430
          for freebsd-current-outgoing; Wed, 10 Jun 1998 10:43:43 -0700 (PDT)
          (envelope-from owner-freebsd-current@FreeBSD.ORG)
Received: from GndRsh.aac.dev.com (GndRsh.aac.dev.com [207.149.232.62] (may be forged))
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA25357
          for <current@freebsd.org>; Wed, 10 Jun 1998 10:43:21 -0700 (PDT)
          (envelope-from rgrimes@GndRsh.aac.dev.com)
Received: (from rgrimes@localhost)
	by GndRsh.aac.dev.com (8.8.8/8.8.8) id KAA14488;
	Wed, 10 Jun 1998 10:42:26 -0700 (PDT)
	(envelope-from rgrimes)
From: "Rodney W. Grimes" <rgrimes@GndRsh.aac.dev.com>
Message-Id: <199806101742.KAA14488@GndRsh.aac.dev.com>
Subject: Re: Annnonce: Transparent proxy patches
In-Reply-To: <357EBEF4.33590565@whistle.com> from Julian Elischer at "Jun 10, 98 10:14:28 am"
To: julian@whistle.com (Julian Elischer)
Date: Wed, 10 Jun 1998 10:42:26 -0700 (PDT)
Cc: current@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL32 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> Rodney W. Grimes wrote:
> > 
> > >
> > > Chrisy Luke <chrisy@flix.net> posted a mixed set of patches
> > > recently that added the ability to do transparent proxying
...

> > or does the code have this ability?  And/or do you need to be
> > more specific about protocols/ports? 
> 
> If you don't specify a new 
> port, it will use the originally specified port. Of course ports only
> make sense for local diversions as the packet is not altered,
> so once it has left this machine, the diversion is finished.
> 
> You can only specify a target by IP address, but yes, if you had 2
> default routes, you could easily do this..
> so it would look like:
> 
> ipfw add 2 fwd isp1-gw ip from X.X.X.0/24 to any
> ipfw add 2 fwd isp2-gw ip from Y.Y.Y.0/24 to any
> 
> (of course the OTHER part of Chrisy's patch (mpath) does this 
> even better by allowing you to specify multiple default routes 
> and letting the system multiplex on them..

Thats kinda what we are looking for, but the situation is a little
different.  Is what we really need (and it sounds like the combination
of the multipath code and fwd rules could do it) is the ability to
have multiple default routes, but choose which default route to use
based on source ip address, unless that interface is down or inoperative.

I guess we need to grab the code and go play with it for a day or two
and see if it can do what I think it could do for us.

> > --
> > Rod Grimes - KD7CAX - (RWG25)   
> 
> hmm              KD7CAX,
> I didn't know you were a HAM.. Is this new or old?

New, very new... 


-- 
Rod Grimes - KD7CAX - (RWG25)                   rgrimes@gndrsh.aac.dev.com
Accurate Automation, Inc.                   Reliable computers for FreeBSD
http://www.aai.dnsmgr.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message