From owner-freebsd-security Tue Jul 4 7: 5:32 2000 Delivered-To: freebsd-security@freebsd.org Received: from gera.nns.ru (gera.nns.ru [195.230.79.10]) by hub.freebsd.org (Postfix) with ESMTP id C4A3437B935 for ; Tue, 4 Jul 2000 07:05:25 -0700 (PDT) (envelope-from abc@nns.ru) Received: from falcon.nns.ru (daemon@falcon.nns.ru [195.230.79.70]) by gera.nns.ru (8.9.3/8.9.3) with ESMTP id SAA26987 for ; Tue, 4 Jul 2000 18:05:14 +0400 (MSD) (envelope-from abc@nns.ru) Received: from localhost (abc@localhost [127.0.0.1]) by falcon.nns.ru (8.9.3/8.9.3) with ESMTP id SAA29870 for ; Tue, 4 Jul 2000 18:05:14 +0400 (MSD) (envelope-from abc@nns.ru) Date: Tue, 4 Jul 2000 18:05:13 +0400 (MSD) From: "Andrey V. Sokolov" X-Sender: abc@localhost To: freebsd-security@FreeBSD.ORG Subject: Re: Forward to next hop in ipf In-Reply-To: <200007041201.JAA13069@ns1.via-net-works.net.ar> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=koi8-r Content-Transfer-Encoding: 8BIT Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org IMHO "fastroute" is option for make a stealth forwarding without a ttl decrementing. I have tested "to" option default gateway is 192.168.0.1 The config string is: pass out log quick on ed0 to 192.168.0.2 from 192.168.0.2/32 to any where 192.168.0.2 is my new gateway, but it didn't works! The packets went to the default gateway, but not via the new gateway! But I'm not sure that "to" option works correctly with IP-address of the next-hop. As written in the man of ipf "to" option requires a interface-name. --- Andrey Sokolov On Tue, 4 Jul 2000, Fernando Schapachnik wrote: > En un mensaje anterior, Andrey V. Sokolov escribió: > > Hi! > > How to forward a packet matched by a rule to the desired next hop with > > IPFILTER compilled as the part of the kernel FreeDSD-4.0? > > I know how to do it with ipfw. > > Thanks. Andrey. > > Take a look at man 5 ipf, fastroute option. > > Regards. > > > > Fernando P. Schapachnik > Administración de la red > VIA NET.WORKS ARGENTINA S.A. > fernando@via-net-works.net.ar > (54-11) 4323-3333 > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message