Date: Fri, 06 Nov 2009 08:19:17 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: "Tonix (Antonio Nati)" <tonix@interazioni.it> Cc: freebsd-stable@freebsd.org Subject: Re: Features in 8.0? Message-ID: <4AF3DC05.3010408@infracaninophile.co.uk> In-Reply-To: <4AF35D7D.7010807@interazioni.it> References: <4AF35D7D.7010807@interazioni.it>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Tonix (Antonio Nati) wrote: > I'd like to know if these features are available in FreeBSD 8.0. > > * advanced routing (I miss the possibility to define routes based > on sender IPs) > * carpdev Yes to both, if you enable pf. The advanced routing I think you're asking about is generally described as 'policy based routing' -- look for the documentation on the 'route-to' keyword in pf rulesets: http://openbsd.org/faq/pf/pools.html#outgoing If you implement CARP on a firewall pair, then you will need a carp0 pseudo interface -- this can be created and configured in /etc/rc.conf like so: cloned_interfaces="carp0" ifconfig_carp0="vhid 100 pass ~not~telling~you~ 192.0.2.1/24" FreeBSD-8.0 now also has the capability of using a per-application routing table, so you can change the routes for (say) apache or squid independently of what applies for the rest of the system. See setfib(1) for more information, plus recent examples of implementing this in RC scripts on the ports mailing list. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.13 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEAREIAAYFAkrz3AsACgkQ8Mjk52CukIxj8ACbBBURdlaG+HWFSUQMN1Vp+RYF 4CQAn2ytfA7IK4zr0hhp+rSGi602C4fc =6gYo -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4AF3DC05.3010408>