Date: Mon, 15 Sep 2003 19:08:17 +0200 (CEST) From: Christian Kratzer <ck@cksoft.de> To: Martin Bartelds <bts@iae.nl> Cc: freebsd-ipfw@freebsd.org Subject: Re: IPFW/routing wishes Message-ID: <20030915190407.J5252@vesihiisi.cksoft.de> In-Reply-To: <200309151809.4842238.6@btsoftware.com> References: <200309151809.4842238.6@btsoftware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On Mon, 15 Sep 2003, Martin Bartelds wrote: [snipp] > The IPFW Fwd command does (as far as I know) only change the > next hop, not the (already chosen) interface how to come there. > And that's the problem. The interface information is kept one > level higher as where IPFW operates. The Fwd command is > intended to "run" on the incoming packets (which will be subject > to the FreeBSD routing actions lateron), wheres I do have to > change the interface of the outgoing packets (which do not > enter the FreeBSD routing system again). > > My original request is effectively to have the possibility to do > an additional routing action on outgoing packets. I googled around and immediately hit a past discussion on this list http://www.google.de/search?q=freebsd+ipfw+policy+routing http://docs.freebsd.org/mail/archive/2002/freebsd-ipfw/20020901.freebsd-ipfw.html http://docs.freebsd.org/cgi/getmsg.cgi?fetch=23701+0+archive/2002/freebsd-ipfw/20020901.freebsd-ipfw one of the posters recommends applying a forward rule to packets incoming on the inside interface. This way you can still modify the next hop and thus the interface they will leave. Greetings Christian -- CK Software GmbH Christian Kratzer, Schwarzwaldstr. 31, 71131 Jettingen Email: ck@cksoft.de Phone: +49 7452 889-135 Open Software Solutions, Network Security Fax: +49 7452 889-136 FreeBSD spoken here!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030915190407.J5252>