Date: Thu, 23 Jun 2005 08:28:43 +0300 From: Ari Suutari <ari@suutari.iki.fi> To: Luigi Rizzo <rizzo@icir.org> Cc: freebsd-net@freebsd.org Subject: Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?) Message-ID: <42BA488B.3040602@suutari.iki.fi> In-Reply-To: <20050622092452.A95367@xorpc.icir.org> References: <42B7B352.8040806@suutari.iki.fi> <20050621170649.B82876@xorpc.icir.org> <42B94023.3090202@suutari.iki.fi> <20050622053307.B90964@xorpc.icir.org> <42B98FA0.3030805@suutari.iki.fi> <20050622092452.A95367@xorpc.icir.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Luigi Rizzo wrote: > I really believe the "setnexthop" action is the best approach. I'll start implementing this approach today if other work permits. I think I'll also add new rule option "defaultroute" which matches if packet destination has no specific route in routing table. That would make it very easy to, for example, route general web-surfing to secondary adsl line, just say: ipfw setnexthop g2.g2.g2.g2 tcp from any to any defaultroute (well, in real life one would need probably nat here, but that could be done in similar manner) Ari S.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42BA488B.3040602>