From owner-freebsd-questions Mon Aug 14 16:29:51 2000 Delivered-To: freebsd-questions@freebsd.org Received: from guru.mired.org (zoom1-196.telepath.com [216.14.1.196]) by hub.freebsd.org (Postfix) with SMTP id 046C537BEBA for ; Mon, 14 Aug 2000 16:24:35 -0700 (PDT) (envelope-from mwm@mired.org) Received: (qmail 18005 invoked by uid 100); 14 Aug 2000 23:23:57 -0000 From: Mike Meyer MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <14744.32653.437890.388308@guru.mired.org> Date: Mon, 14 Aug 2000 18:23:57 -0500 (CDT) To: Gerd Knops Cc: questions@freebsd.org Subject: Routing based on source IP? In-Reply-To: <62361545@toto.iv> X-Mailer: VM 6.72 under 21.1 (patch 10) "Capitol Reef" XEmacs Lucid X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`;h9L,Yg`+vb1>RG% *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\ Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Gerd Knops writes: > Hi everyone, > Is it somehow possible to route based on source as well as destination > address? man ipfw. > Ideally I would like to have 2 different default routes, based on the > source IP-address. That would enable me to force routing through a > specific gateway (=ISP). Note that for protection purposes, source routing is generally frowned on, as it's to easily forged. You throw out packets from the outside world claiming to come from the inside world, and otherwise don't trust the source.