From owner-freebsd-pf@FreeBSD.ORG Thu Jun 22 16:28:33 2006 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 36DB816A60C for ; Thu, 22 Jun 2006 16:28:33 +0000 (UTC) (envelope-from huzeyfe.onal@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.171]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5F82D44024 for ; Thu, 22 Jun 2006 16:07:22 +0000 (GMT) (envelope-from huzeyfe.onal@gmail.com) Received: by ug-out-1314.google.com with SMTP id m3so601717uge for ; Thu, 22 Jun 2006 09:07:21 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=qDdVs7HJQ3uO79QzuJM0qGMSV0SxeHZGFq6T3X6R1PWlfchrz+TmwVfE64Wf9fe3+mbpcUgUerMKHqGd9b4rdTiKu3JHBExwKxa1fi/gMtXAo1VhbC9iK0LQvOqR4wUTD5BZQh3iwTLmkxdsdRNqYsWnVaJGXCarrB+JjcfzHOI= Received: by 10.66.240.12 with SMTP id n12mr1202137ugh; Thu, 22 Jun 2006 09:00:58 -0700 (PDT) Received: by 10.67.15.17 with HTTP; Thu, 22 Jun 2006 09:00:58 -0700 (PDT) Message-ID: Date: Thu, 22 Jun 2006 19:00:58 +0300 From: "Huzeyfe Onal" To: "=?ISO-8859-1?Q?S=E9bastien_AVELINE?=" In-Reply-To: <449ABD0B.2040706@alinto.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <449ABD0B.2040706@alinto.net> Cc: freebsd-pf@freebsd.org Subject: Re: pf and policy routing X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jun 2006 16:28:33 -0000 Hi, you can use PF's route-to options for Policy routing.. On 6/22/06, S=E9bastien AVELINE wrote: > Hi, > > I would like to have some advises on pf. I'd like to use pf for > clustering a firewall and using pfsync. > Actually I use a Linux Box to do this. The problem is that I have > specific rules for routing with iproute2 because I got a lot of > different subnets with multi-homing. It seems that freebsd support > policy routing only with ipfw. > My question is : is it possible to use ipfw just for policy routing and > pf just for packet filtering ? > For example I want to to do something like that : > > I had a default gateway (a) but if I received a packet from subnet(c) to > subnet(d) --> use an another default gateway(y) > a > packet from subnet(a) to subnet(x) --> use an another default gateway(y) > > > I wonder if route-to of pf is good for my exemple or if I should try > something else like ipfw for routing and pf for firewalling as I said > above. Actually I'm using freebsd 6.1 for some tests. > > Thanx for your answers. > > > Sebastien AVELINE > > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > --=20 Huzeyfe =D6NAL +90 505 5260064 --- Ag Guvenligi Listesine uye oldunuz mu? http://www.huzeyfe.net/netsec.html