From owner-freebsd-ipfw@FreeBSD.ORG Thu Jan 15 09:08:17 2004
Date: Thu, 15 Jan 2004 18:06:15 +0100
From: Antoine Jacoutot
To: freebsd-ipfw@freebsd.org
Subject: source routing and dynamic @ip

Hi :)

All right, so, I've been trying to build a routing setup for some weeks now, and after looking everywhere and asking for help, I still cannot find the answer. Here is what I want to do: source routing to 2 internet connections.
Basically, I want net1 to go on the Internet using gateway connection1 and net2 to go on the internet using gateway connection2. You have to know that both internet connections have dynamic IPs and I need NAT on both.

So far, these are my non-working config files (default gateway is ip1/connection1).

em0 = inside interface
tun0 = pppoe DSL connection1 (default route)
tun1 = pppoe DSL connection2

--> /etc/ipfw.conf

#!/bin/sh
fwcmd="/sbin/ipfw -q"
ip1=`/sbin/ifconfig tun0 | /usr/bin/awk '/inet / { print $2 }'`
ip2=`/sbin/ifconfig tun1 | /usr/bin/awk '/inet / { print $2 }'`
lan1=192.168.0.0/24
lan2=192.168.1.0/24

${fwcmd} -f flush
${fwcmd} add 100 fwd $ip2 all from $lan2 to any out recv em0 xmit tun0
${fwcmd} add 200 divert 8669 all from $lan2 to any via tun1
${fwcmd} add 300 divert 8668 all from any to any via tun0
${fwcmd} add 400 allow all from any to any

--> /etc/natd_tun0.conf

interface tun0
port 8668
log_denied yes
log_facility security
use_sockets yes
same_ports yes
unregistered_only yes
punch_fw 10000:10000
dynamic yes

--> /etc/natd_tun1.conf

interface tun1
port 8669
log_denied yes
log_facility security
use_sockets yes
same_ports yes
unregistered_only yes
punch_fw 10000:10000
dynamic yes

I am really really looking for help here. If you know how to make such a setup work, I would appreciate a hand.

Thanks in advance.

Regards,
Antoine