From owner-freebsd-isp@FreeBSD.ORG Wed Oct 24 10:17:59 2007
Return-Path:
Delivered-To: freebsd-isp@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C374116A418
	for ; Wed, 24 Oct 2007 10:17:59 +0000 (UTC)
	(envelope-from tom@tomjudge.com)
Received: from s200aog11.obsmtp.com (s200aog11.obsmtp.com [207.126.144.125])
	by mx1.freebsd.org (Postfix) with SMTP id 25EE513C491
	for ; Wed, 24 Oct 2007 10:17:58 +0000 (UTC)
	(envelope-from tom@tomjudge.com)
Received: from source ([217.206.187.80])
	by eu1sys200aob011.postini.com ([207.126.147.11]) with SMTP;
	Wed, 24 Oct 2007 10:17:41 UTC
Received: from [10.0.0.89] (bill.mintel.co.uk [10.0.0.89])
	by rodney.mintel.co.uk (Postfix) with ESMTP id 383DA181422;
	Wed, 24 Oct 2007 10:48:18 +0100 (BST)
Message-ID: <471F14E1.8050900@tomjudge.com>
Date: Wed, 24 Oct 2007 10:48:17 +0100
From: Tom Judge
User-Agent: Thunderbird 1.5.0.13 (X11/20070824)
MIME-Version: 1.0
To: "tonix (Antonio Nati)"
References: <471F0422.5080800@interazioni.it>
In-Reply-To: <471F0422.5080800@interazioni.it>
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-isp@freebsd.org
Subject: Re: Advanced routing option
X-BeenThere: freebsd-isp@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Internet Services Providers
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Wed, 24 Oct 2007 10:17:59 -0000

tonix (Antonio Nati) wrote:
> I'm using FreeBSD and Monowall on most of my servers.
>
> One limit I'm facing on both is the lack of an advanced routing feature.
>
> Would it be too complicated to modify "route" sources (and probably kernel
> tables) implementing a FROM parameter in ADD command?
>
> route add 0.0.0.0/0 210.10.10.1
> route add FROM 200.1.1.0/24 0.0.0.0/0 210.10.10.10
> route add FROM 200.1.2.0/24 0.0.0.0/0 210.10.11.11
>
> A FROM option would improve routing capabilities and handling of
> multiple WAN connections a lot.
>
> Any comment?
>
> Tonino
>

If you wish to do this type of policy routing you need to use one of the
firewalls as it can't be done in the routing table. PF can do this
easily with its route-to option.

Tom
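
The route-to approach Tom describes, written as pf.conf rules for the source networks and gateways in Tonino's message (an added example, not part of the original thread). The interface names em0/em1/em2, the pairing of each gateway with an interface, and the `<local>` table are assumptions; the syntax is FreeBSD pf's, where route-to follows the interface.

```conf
# pf.conf: source-based (policy) routing with route-to.
# Assumed layout: em2 faces the two source networks, em0/em1 are the WAN links.
int_if  = "em2"
wan1_if = "em0"
wan2_if = "em1"

# Gateways and source networks taken from the question.
wan1_gw = "210.10.10.10"
wan2_gw = "210.10.11.11"
net1    = "200.1.1.0/24"
net2    = "200.1.2.0/24"

# Destinations that must keep following the normal routing table.
table <local> const { $net1, $net2 }

# Traffic between the local networks is not policy-routed.
pass in quick on $int_if from { $net1, $net2 } to <local> keep state

# Counterpart of "route add FROM 200.1.1.0/24 0.0.0.0/0 210.10.10.10".
pass in quick on $int_if route-to ($wan1_if $wan1_gw) from $net1 to any keep state

# Counterpart of "route add FROM 200.1.2.0/24 0.0.0.0/0 210.10.11.11".
pass in quick on $int_if route-to ($wan2_if $wan2_gw) from $net2 to any keep state

# Any other source falls through to the kernel's default route
# (210.10.10.1 in the question), which PF leaves untouched.
```

`pfctl -nf /etc/pf.conf` parses the ruleset without loading it, which catches syntax errors before the rules go live.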