Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 06 Nov 2009 08:19:17 +0000
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        "Tonix (Antonio Nati)" <tonix@interazioni.it>
Cc:        freebsd-stable@freebsd.org
Subject:   Re: Features in 8.0?
Message-ID:  <4AF3DC05.3010408@infracaninophile.co.uk>
In-Reply-To: <4AF35D7D.7010807@interazioni.it>
References:  <4AF35D7D.7010807@interazioni.it>
next in thread | previous in thread | raw e-mail | index | archive | help 
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig7BF61F7B1A56AE3AB8FAA160
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: quoted-printable

Tonix (Antonio Nati) wrote:
> I'd like to know if these features are available in FreeBSD 8.0.
>=20
>    * advanced routing  (I miss the possibility to define routes based
>      on sender IPs)
>    * carpdev

Yes to both, if you enable pf.  The advanced routing I think you're askin=
g
about is generally described as 'policy based routing' -- look for the=20
documentation on the 'route-to' keyword in pf rulesets:

  http://openbsd.org/faq/pf/pools.html#outgoing

If you implement CARP on a firewall pair, then you will need a carp0
pseudo interface -- this can be created and configured in /etc/rc.conf li=
ke
so:

   cloned_interfaces=3D"carp0"

   ifconfig_carp0=3D"vhid 100 pass ~not~telling~you~ 192.0.2.1/24"

FreeBSD-8.0 now also has the capability of using a per-application routin=
g
table, so you can change the routes for (say) apache or squid independent=
ly
of what applies for the rest of the system.  See setfib(1) for more
information, plus recent examples of implementing this in RC scripts on
the ports mailing list.

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW


--------------enig7BF61F7B1A56AE3AB8FAA160
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.13 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEAREIAAYFAkrz3AsACgkQ8Mjk52CukIxj8ACbBBURdlaG+HWFSUQMN1Vp+RYF
4CQAn2ytfA7IK4zr0hhp+rSGi602C4fc
=6gYo
-----END PGP SIGNATURE-----

--------------enig7BF61F7B1A56AE3AB8FAA160--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4AF3DC05.3010408>