From owner-freebsd-questions  Tue Dec 11  2:47:58 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from web20610.mail.yahoo.com (web20610.mail.yahoo.com [216.136.226.168])
	by hub.freebsd.org (Postfix) with SMTP id 3AA7437B417
	for <freebsd-questions@freebsd.org>; Tue, 11 Dec 2001 02:47:55 -0800 (PST)
Message-ID: <20011211104754.93667.qmail@web20610.mail.yahoo.com>
Received: from [136.165.81.4] by web20610.mail.yahoo.com via HTTP; Tue, 11 Dec 2001 02:47:54 PST
Date: Tue, 11 Dec 2001 02:47:54 -0800 (PST)
From: Donnie Jones <donniejones18@yahoo.com>
Subject: Re: policy route on freebsd?
To: Vincent Chen <vctw@yahoo.com>
Cc: freebsd-questions@freebsd.org
In-Reply-To: <20011211061817.8329.qmail@web20007.mail.yahoo.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG


--- Vincent Chen <vctw@yahoo.com> wrote:
> 
> Dear all,
> 
> I have a DSL link to internet right now and use a
> freebsd as firewall. I am thinking about installing
> another NIC and DSL link and create DMZ for my
> website.


I would think it would be very simple to just set up
firewall rules for the second ip address that would
come with the new dsl link for that second NIC. 
Sorry, but I don't know what DMZ is?!?

> I done this using policy route on cisco before. My
> question is:
> If I install a forward rule at the beginning for
> DMZ,
> how can I filter traffic to DMZ. If I install
> firewall
> rules first, the traffice from DMZ will go through
> default route (the current DSL link). Is it possible
> to
> protect and route new network segment at the same
> time
> on freebsd? Any successful story?
> 
> Thanks for your help,
> 
> Vincent Chen


I would think you should only create the new firewall
rules for the DSL link that goes with the second NIC. 
Hope this helps....

-Donnie


__________________________________________________
Do You Yahoo!?
Check out Yahoo! Shopping and Yahoo! Auctions for all of
your unique holiday gifts! Buy at http://shopping.yahoo.com
or bid at http://auctions.yahoo.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message