From owner-freebsd-ipfw@FreeBSD.ORG Sat Jul 28 07:15:26 2007 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C4B8516A419 for ; Sat, 28 Jul 2007 07:15:26 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outC.internet-mail-service.net (outC.internet-mail-service.net [216.240.47.226]) by mx1.freebsd.org (Postfix) with ESMTP id BDDB713C459 for ; Sat, 28 Jul 2007 07:15:26 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.32) with ESMTP; Sat, 28 Jul 2007 00:15:25 -0700 Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 267D5125ADE; Sat, 28 Jul 2007 00:15:25 -0700 (PDT) Message-ID: <46AAED33.1070307@elischer.org> Date: Sat, 28 Jul 2007 00:16:03 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.5 (Macintosh/20070716) MIME-Version: 1.0 To: Narek Gharibyan References: <017001c7cf86$daa2ad10$180ca8c0@arm.synisys.com> In-Reply-To: <017001c7cf86$daa2ad10$180ca8c0@arm.synisys.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-ipfw@freebsd.org Subject: Re: Policy - based Routing problem Need help X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Jul 2007 07:15:26 -0000 Narek Gharibyan wrote: > Hi all, > > I have a firewall/router with FreeBSD 6.2 installed on it. 2 ISP connection > and 2 LAN connections. I need to do a policy-based routing. All I need that > packets coming from one ISP interface return to that interface (incoming > connections' source based routing) and the other hand do a IP based routing > from the LAN (Some packets will goes out via ISP 1 some others via ISP 2 > depending on IPs requested). I tried to do that with ipfw fwd but it didn't > work any way (e.g. with ip.forwarding enabled or no). Even I've disabled my > static routes, default gw. Just it do nothing. Sample configs are > > ipfw add fwd ISP_gw from ${my lan} to any via ${eif} > ipfw add fwd ISP_gw from ${my lan} to any out via ${eif} > ipfw add fwd ISP_gw from any to any xmit ${eif} I believe you want to route INCOMING sessions right? what is the topology of the rest of your network? > > Ipfw add fwd ISP_gw from any to any via ${eif} out > > I don't use nat, proxy. Just need to route. > > > Please help > > > > Regards, > > Narek > > > > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"