From: "Jamie Hermans"
To: "'Blake Crosby'"
Subject: RE: Source Based Routing
Date: Thu, 15 Nov 2001 21:04:25 -0700
Organization: hermans.ca
Message-ID: <000001c16e53$c79e0f10$6420a8c0@otidan>
In-Reply-To: <5.1.0.14.2.20011115002937.02913920@home.samurai.com>

> -----Original Message-----
> From: owner-freebsd-isp@FreeBSD.ORG
> [mailto:owner-freebsd-isp@FreeBSD.ORG] On Behalf Of Blake Crosby
> Sent: November 14, 2001 10:31 pm
> To: freebsd-isp@freebsd.org
> Subject: Source Based Routing
>
> How can I make packets for a TCP connection from the
> DSL IP, go out the DSL interface, no matter what the
> IP of the other end of the TCP connection is?

I used to have a similar situation ... this is a stripped down version
of my /etc/rc.firewall at the time:

# Setup system for firewall service.
fwcmd="/sbin/ipfw -q"

# Flush out the list before we begin.
${fwcmd} -f flush

# Interface to nat
nat="ep0"

# Only in rare cases do you want to change these rules
${fwcmd} add 100 pass all from any to any via lo0
${fwcmd} add 200 deny all from any to 127.0.0.0/8

# Outside (cable) interface IP configuration
oifc="ep0"
oipc=`/sbin/ifconfig ${oifc} | /usr/bin/awk '/inet / { print $2 }'`
obcc=`/sbin/ifconfig ${oifc} | /usr/bin/awk '/inet / { print $6 }'`
omaskc=`/sbin/ifconfig ${oifc} | /usr/bin/awk '/inet / { print $4 }'`

# Outside (dsl) interface IP configuration
oifd="ed0"
oipd="xxx.xxx.xxx.xxx"
obcd="xxx.xxx.xxx.255"
omaskd="255.255.255.0"
onetd="xxx.xxx.xxx.0"
ogwd="xxx.xxx.xxx.xxx"

# Inside (private) interface IP configuration
iif="fxp0"
iip="192.xxx.xx.1"
ibc="192.xxx.xx.255"
imask="255.255.255.0"
inet="192.xxx.xx.0"
igw="192.xxx.xx.1"

# Packet shuffling for dual-homed connection
${fwcmd} add fwd ${ogwd} ip from ${oipd} to any

# Network Address Translation.
${fwcmd} add divert natd all from any to any via ${nat}
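
The following is an added example, not part of the original post: a dry-run sh helper that validates the DSL address and gateway (so unfilled xxx placeholders are rejected) and prints the fwd and divert rules with explicit numbers, then checks that the fwd rule is evaluated first. The function names, the rule numbers 300/400 and the 192.0.2.x addresses are assumptions chosen for illustration.

```sh
#!/bin/sh
# Added example: dry-run generator for the fwd + divert pair (never calls ipfw).

# valid_ip ADDR: succeed only for a dotted-quad IPv4 address, octets 0-255.
valid_ip() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# dual_homed_rules SRC_IP GATEWAY NAT_IF: print the two ipfw commands.
# ipfw is first-match and fwd ends the rule search, so the fwd rule gets the
# lower number: packets sourced from SRC_IP are sent to GATEWAY before the
# divert rule could hand them to natd.
dual_homed_rules() {
    src=$1 gw=$2 natif=$3
    valid_ip "$src" || { echo "bad source address: $src" >&2; return 1; }
    valid_ip "$gw" || { echo "bad gateway address: $gw" >&2; return 1; }
    case "$natif" in
        ''|*[!a-z0-9]*) echo "bad interface name: $natif" >&2; return 1 ;;
    esac
    echo "ipfw -q add 300 fwd $gw ip from $src to any"
    echo "ipfw -q add 400 divert natd all from any to any via $natif"
}

# fwd_precedes_divert: read "ipfw ... add N ACTION ..." lines on stdin and
# succeed only if the first fwd rule is numbered below the first divert rule.
fwd_precedes_divert() {
    awk '{
        num = ""; act = ""
        for (i = 1; i + 2 <= NF; i++)
            if ($i == "add") { num = $(i + 1); act = $(i + 2); break }
        if (act == "fwd" && fwdn == "") fwdn = num
        if (act == "divert" && divn == "") divn = num
    }
    END { exit !(fwdn != "" && divn != "" && fwdn + 0 < divn + 0) }'
}

# Constructed sample values (192.0.2.0/24 is a documentation range).
dual_homed_rules 192.0.2.10 192.0.2.1 ep0 | fwd_precedes_divert &&
    dual_homed_rules 192.0.2.10 192.0.2.1 ep0
```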