From: Ken Bolingbroke
To: Doug Lee
Cc: freebsd-questions@FreeBSD.ORG
Date: Fri, 2 Nov 2001 11:39:15 -0800 (PST)
Subject: Re: Can I route TCP/UDP traffic by destination port?

On Fri, 2 Nov 2001, Doug Lee wrote:

> Can I possibly tell my FreeBSD box to send TCP/UDP traffic bound for
> ports 137-139 via a different route than all other traffic, and can I
> route responses back similarly (the other end of the VPN is also a
> FreeBSD box)? It would be really nice if I could do this without
> using the VPN as a pathway, but I think I could handle it either way.

The 'fwd' function of ipfw would probably work for this. I.e., if the
gateway for your alternate route is at 10.1.2.3, you might do something
like this:

    fwd 10.1.2.3 tcp from any to any 137-139
    fwd 10.1.2.3 udp from any to any 137-139

The 'from any to any' will likely be too liberal for your needs. Adjust
it for your local network such that it forwards all traffic to ports
137-139 at only external hosts with this rule.

Ken Bolingbroke
hacker@bolingbroke.com
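
Added example, not part of the original message: one way to narrow the 'from any to any' in the reply above, so that only traffic from the local network to ports 137-139 on hosts outside it is handed to the alternate gateway. The LAN 192.168.1.0/24, the rule numbers and the function names are assumptions; 10.1.2.3 is the gateway used in the reply.

```shell
#!/bin/sh
# Added example: build narrowed ipfw 'fwd' rules for ports 137-139.
# Inputs are validated before they are placed in a command line.

# is_ipv4 ADDR -> 0 if ADDR is a dotted quad with every octet in 0-255
is_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# is_cidr NET/LEN -> 0 if NET is an IPv4 address and LEN is in 0-32
is_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    is_ipv4 "${1%/*}" || return 1
    echo "${1#*/}" | grep -Eq '^[0-9]{1,2}$' || return 1
    [ "${1#*/}" -le 32 ]
}

# fwd_rules GATEWAY LAN_CIDR [FIRST_RULE_NUMBER]
# Prints one 'ipfw add' command per protocol; fails without output on bad input.
# The rule numbers (assumed: 1000, 1010) must sort before any rule that
# would otherwise accept this traffic.
fwd_rules() {
    gw=$1 lan=$2 num=${3:-1000}
    is_ipv4 "$gw" || { echo "bad gateway: $gw" >&2; return 1; }
    is_cidr "$lan" || { echo "bad LAN: $lan" >&2; return 1; }
    for proto in tcp udp; do
        # Source limited to the LAN, destination limited to hosts outside it.
        echo "ipfw add $num fwd $gw $proto from $lan to not $lan 137-139"
        num=$((num + 10))
    done
}

# Dry run: print the commands for review. Pipe the output to sh as root
# on the FreeBSD box to install the rules.
fwd_rules 10.1.2.3 192.168.1.0/24
```

Older FreeBSD kernels need 'options IPFIREWALL_FORWARD' compiled in before ipfw accepts a 'fwd' rule.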