From owner-freebsd-hackers Mon Feb 24 02:41:08 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id CAA12987 for hackers-outgoing; Mon, 24 Feb 1997 02:41:08 -0800 (PST) Received: from cheops.anu.edu.au (avalon@cheops.anu.edu.au [150.203.76.24]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id CAA12978 for ; Mon, 24 Feb 1997 02:41:04 -0800 (PST) Message-Id: <199702241041.CAA12978@freefall.freebsd.org> Received: by cheops.anu.edu.au (1.37.109.16/16.2) id AA020160797; Mon, 24 Feb 1997 21:39:57 +1100 From: Darren Reed Subject: Re: "black" interfaces list To: alexis@ww.net Date: Mon, 24 Feb 1997 21:39:56 +1100 (EDT) Cc: freebsd-hackers@freebsd.org In-Reply-To: <199702240956.MAA12893@dawn.ww.net> from "Alexis Yushin" at Feb 24, 97 12:56:27 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In some mail from Alexis Yushin, sie said: > > Greetings, > > Imagine we have FreeBSD based ip router. There is a number > of interfaces with different addresses, from different networks with > different routing policy. (The boldest example is p2p interface with > reserved addresses assigned for its ends) > > Now, the default behaviour is to originate packets with > ip_src equal to the address of the interface the packets leave the > system via. In case of reserved address such packets wont get > anywhere, whilst packets originated from other systems (being routed) > will find their destination just fine. > > The idea is very simple and I could be out of date on this > issue, so please let me know if I am. So, we would have "black" list > of interfaces for which packets should have another source ip address. > Probably it could be built into the ifconfig mechanism. Comments? Hmmm, you might be able to do this using the NAT features in IP Filter. a picture might help (or an example of some packets) Darren