Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 22 Jun 2006 18:36:18 +0200
From:      Max Laier <max@love2party.net>
To:        freebsd-pf@freebsd.org
Subject:   Re: pf and policy routing
Message-ID:  <200606221836.24040.max@love2party.net>
In-Reply-To: <449ABD0B.2040706@alinto.net>
References:  <449ABD0B.2040706@alinto.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
--nextPart2143727.AOlMRXj7kl
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

On Thursday 22 June 2006 17:53, S=E9bastien AVELINE wrote:
> I would like to have some advises on pf. I'd like to use pf for
> clustering a firewall and using pfsync.
> Actually I use a Linux Box to do this. The problem is that I have
> specific rules for routing with iproute2 because I got a lot of
> different subnets with multi-homing. It seems that freebsd support
> policy routing only with ipfw.
> My question is : is it possible to use ipfw just for policy routing and
> pf just for packet filtering ?
> For example I want to to do something like that :
>
> I had a default gateway (a) but if I received a packet from subnet(c) to
> subnet(d) --> use an another default gateway(y)
>                                                                   a
> packet from subnet(a) to subnet(x) -->  use an another default gateway(y)
>
>
> I wonder if route-to of pf is good for my exemple or if I should try
> something else like ipfw for routing and pf for firewalling as I said
> above. Actually I'm using freebsd 6.1 for some tests.
>
> Thanx for your answers.

http://openbsd.org/faq/pf/pools.html#outgoing

=2D-=20
/"\  Best regards,                      | mlaier@freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News

--nextPart2143727.AOlMRXj7kl
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (FreeBSD)

iD8DBQBEmscIXyyEoT62BG0RAsm9AJ9Ic+78gFjsmkM69oLRc9uzqp8gwACfVKNZ
6JxWhVOkGskiPdliYfg81Ds=
=EraE
-----END PGP SIGNATURE-----

--nextPart2143727.AOlMRXj7kl--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200606221836.24040.max>