From owner-freebsd-ipfw Mon Nov 6 22:17: 5 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from home.intranet.vardanega.net (unknown [200.195.244.168]) by hub.freebsd.org (Postfix) with ESMTP id 230C637B479 for ; Mon, 6 Nov 2000 22:17:00 -0800 (PST) Received: from conrado (conrado.intranet.vardanega.net [192.168.51.5]) by home.intranet.vardanega.net (8.10.2/8.10.2) with SMTP id eA76GmI19652 for ; Tue, 7 Nov 2000 04:16:48 -0200 From: "Conrado Vardanega" To: Subject: fwd Date: Tue, 7 Nov 2000 04:16:24 -0300 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi. I'm planning to setup a firewall with TWO internet connectionseach one to a different backbone. This system will have three incoming interfaces (users acessing internet) and two outgoing interfaces (connected to the routers). My questions: 1. According to my conclusions on reading ipfw's manpages, I can control through what connection each network is going out. 2. Is 1 is OK, does the TWO outgoing interfaces have to be set as default routes, considering that both goes to internet? 3. Assuming that all this is OK, consider the following situation: An ipfw rule is set to allow incoming connections with "keep-state" option (passing through the firewall), that is, using dynamic rules. How the outgoing packets are going to be handled at the firewall? Does it some "dynamically" forward to the proper interface? If anyone has a setup like this, please let me know. Thanks. Conrado To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message