From owner-freebsd-questions  Mon Dec 10 22:18:23 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from web20007.mail.yahoo.com (web20007.mail.yahoo.com [216.136.225.70])
	by hub.freebsd.org (Postfix) with SMTP id 5CA1A37B405
	for <freebsd-questions@FreeBSD.ORG>; Mon, 10 Dec 2001 22:18:18 -0800 (PST)
Message-ID: <20011211061817.8329.qmail@web20007.mail.yahoo.com>
Received: from [61.223.9.127] by web20007.mail.yahoo.com via HTTP; Mon, 10 Dec 2001 22:18:17 PST
Date: Mon, 10 Dec 2001 22:18:17 -0800 (PST)
From: Vincent Chen <vctw@yahoo.com>
Subject: policy route on freebsd?
To: freebsd-questions@FreeBSD.ORG
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG


Dear all,

I have a DSL link to internet right now and use a
freebsd as firewall. I am thinking about installing
another NIC and DSL link and create DMZ for my
website.
I done this using policy route on cisco before. My
question is:
If I install a forward rule at the beginning for DMZ,
how can I filter traffic to DMZ. If I install firewall
rules first, the traffice from DMZ will go through
default route (the current DSL link). Is it possible
to
protect and route new network segment at the same time
on freebsd? Any successful story?

Thanks for your help,

Vincent Chen


__________________________________________________
Do You Yahoo!?
Check out Yahoo! Shopping and Yahoo! Auctions for all of
your unique holiday gifts! Buy at http://shopping.yahoo.com
or bid at http://auctions.yahoo.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message