From owner-freebsd-questions@FreeBSD.ORG Wed May 17 03:35:54 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5B72016A401 for ; Wed, 17 May 2006 03:35:54 +0000 (UTC) (envelope-from dennisolvany@gmail.com) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.235]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8872443D46 for ; Wed, 17 May 2006 03:35:53 +0000 (GMT) (envelope-from dennisolvany@gmail.com) Received: by wr-out-0506.google.com with SMTP id i12so125970wra for ; Tue, 16 May 2006 20:35:53 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=nqVfMNCVn/tl0vTNnJ6/9rpW54+DVaNLVrHbK7NBy9c9B7fjvOep+vioveLs3cLAz+jnhxA3psRt3De+Kr3FA9XYCf8b1fz34A7dpZuCr3HbZi9R7ptHIXvZJ1dbhKEOImJeALnf4NUxKtaRxhkgL/K9ulitW4qtCJAgxdAnrKw= Received: by 10.54.118.13 with SMTP id q13mr1907364wrc; Tue, 16 May 2006 20:35:52 -0700 (PDT) Received: from ?195.16.87.34? ( [195.16.87.34]) by mx.gmail.com with ESMTP id 33sm1448203wra.2006.05.16.20.35.51; Tue, 16 May 2006 20:35:52 -0700 (PDT) Message-ID: <446A9A14.30507@gmail.com> Date: Tue, 16 May 2006 22:35:48 -0500 From: Dennis Olvany User-Agent: Thunderbird 1.5 (X11/20060211) MIME-Version: 1.0 To: PFS IT References: <996142470605161456n46e43682x392b1f4f2ccfec73@mail.gmail.com> In-Reply-To: <996142470605161456n46e43682x392b1f4f2ccfec73@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-ipfw@freebsd.org, freebsd-questions@freebsd.org Subject: Re: IPFW - Two External Interfaces X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 May 2006 03:35:54 -0000 PFS IT wrote: > I am complicating the use of IPFW... > Here is a pretty ascii picture. I drawed it meself. > ISP 1 > [192.168.2.254] > | > | > [bge1:192.168.2.1] > FIREWALL[bge0:10.0.0.1]-------[10.0.0.2]internal_system > [em0:192.168.1.1] > | > | > [192.168.1.254] > ISP 2 > #Send traffic to natd > divert 8869 ip from any to any via bge1 > divert 8868 ip from any to any via em0 > #Send "special" traffic out via em0 > fwd $isp2_gw ip from $internal_system to $remote_system 80 > $internal_system# hping -STp 80 $remote_system > > Should result in a trace across em0 to google