From owner-freebsd-questions@freebsd.org Thu May 14 18:13:36 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EE41B2D98CA for ; Thu, 14 May 2020 18:13:36 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: from mail-il1-x12b.google.com (mail-il1-x12b.google.com [IPv6:2607:f8b0:4864:20::12b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 49NKRM1B0Lz4fD1 for ; Thu, 14 May 2020 18:13:34 +0000 (UTC) (envelope-from aryeh.friedman@gmail.com) Received: by mail-il1-x12b.google.com with SMTP id b18so1964377ilf.2 for ; Thu, 14 May 2020 11:13:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=pQYPg9eVDpJ28upnzSThsL4zxDVNZI8WqFuxVZU/jOs=; b=DXO3M42qT2m8DiNU0wkpKlrlEtKCiudLxtI/SAnHv5sKgfckSEx64UmIiFfPy9Avtt kbMDwGbiYN45pubP++Zv0YCjDvANI9n7RzuamvgIu5kExJqK5+CHAUhFungYjro0OCU3 AbBdpRDavtjtsUzALwRE6LQvXB9Mnnpk//yUwXDe16xY7VCs5IXMLfWhezUF62gkzYBR bUvFgmhMGrsDbd3TBicTUKEYd0xqVCwCO0wSk+v82De2Fp/LH9aoEHm+TcS1HriWULeG LWrUKBdz0Me0bak3+nuO1EKVbq+jnK/8VaopyegWUZDK4yqWJU7RWxjFFV8A/ktPJaTd 55+g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=pQYPg9eVDpJ28upnzSThsL4zxDVNZI8WqFuxVZU/jOs=; b=DLWBkdZSOZvTD/mtkLRPDIdZkPqbWiOczBzZnwDkpwe/ETgKeI+bARclI4CMYFVoK+ hDLPOaxGcXtZVbhOKIGQeA5zauMTbOwZV4x0u544i350g04l1jWJBEXdFfsFrlOB/4y7 ZRj680gt2gCdAskttEhFLxRqHr/3TdR36hb5IYESQ8flBaY3tx9upCAVovGF7/WDKsqx A5mzX1OpYhYaQz1z/hHPcPqORau9pLFzfdWbsUw6EHzsQ3J6wGrJ5fvu56SQHFkXg3Hb TsOsXWydXFmSpWzMvUqQvpstCz3buk1Uq4Fyp1iZq/P5NaJVZoqCxZs+iJg7CzcMp6Nv Ex9A== X-Gm-Message-State: AOAM533blYAXgYYJrYtRVnhe+cdPulccUwRuyAjYQ2i5DObulx936A/T wp0dMq2I1alWHdT0GYg19j8Us+rJizzluWiVsrwG8Kcd X-Google-Smtp-Source: ABdhPJxHeEKTCFcRwBgxbqCzKiiN1lAhI4/tqimF4jLkrOoAghlXD7pXhNhtV6/B0Ap2TMrw3MrkPBTZ3xKh/nsq1Sc= X-Received: by 2002:a92:d186:: with SMTP id z6mr5796115ilz.119.1589480013598; Thu, 14 May 2020 11:13:33 -0700 (PDT) MIME-Version: 1.0 From: Aryeh Friedman Date: Thu, 14 May 2020 14:13:22 -0400 Message-ID: Subject: OT: Selective routing and proxying To: FreeBSD Mailing List X-Rspamd-Queue-Id: 49NKRM1B0Lz4fD1 X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=DXO3M42q; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of aryehfriedman@gmail.com designates 2607:f8b0:4864:20::12b as permitted sender) smtp.mailfrom=aryehfriedman@gmail.com X-Spamd-Result: default: False [-2.00 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; URI_COUNT_ODD(1.00)[3]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FROM_EQ_ENVFROM(0.00)[]; IP_SCORE(0.00)[ip: (-7.61), ipnet: 2607:f8b0::/32(-0.33), asn: 15169(-0.42), country: US(-0.05)]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; IP_SCORE_FREEMAIL(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[b.2.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 May 2020 18:13:37 -0000 My significant other's employer (a public university) has payed for subscriptions on many newspapers and other periodicals that normally are pay-walled and allows anyone on the campus network (or VPN to it) us said subscriptions if you use the library's proxy server. There are other on campus only services that they want to also access like virtual desktops and network drives. For privacy reasons we want to make so only access to the said subscription and/or on campus IT services are routed via the VPN connection/library proxy and all others go out our normal ISP. Note we also have and other VPN connection to one of my clients that due to privacy regulations (HIPAA) must be used for all our work with them. What is the best way to handle all this? (Currently have 2 physical FreeBSD machines in the house and 2 more running as VM's and one Windows VM and one Windows physical machine... the VM's use bhyve) -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org