Date: Wed, 31 Jul 2002 17:28:40 -0400
From: "Matt Abraham" <mailing@novaconnect.net>
To: freebsd-questions@freebsd.org
Subject: Unable to get "ipfw fwd" working
Message-ID: <web-44502@novaconnect.net>

Hi all,

I am running into a problem using ipfw to do source-based routing. I am trying to forward traffic from a private IP address (172.17.1.5) to a gateway (192.168.215.15) via ANOTHER gateway running FreeBSD/ipfw (rl0:192.168.200.240 and vr0:192.168.215.240). Now, this packet has already gone through a Cisco router with policy-based routing in place, so no NAT'ing is done to the packet -- static routes are in place on the FreeBSD box to send the response back via the Cisco router.

So! On the FreeBSD box, I've got the following ipfw rule in place:

    650 fwd 192.168.215.15 ip from 172.17.1.5 to any in recv rl0

When I try to ping a public address, say A.B.C.D, on the other side of 192.168.215.15 (it's got a public address on its outside interface), I receive "Destination Host Unreachable," i.e. ICMP 3.1 packets coming from 192.168.200.240.

Now, if I add a static route:

    route add -host A.B.C.D 192.168.215.15

...it works, but this sort of defeats the purpose of source-based routing :)

Clearly, I'm doing something wrong. Any ideas??

Matt
mailing@novaconnect.net