Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 5 Aug 2002 14:23:12 -0400 (EDT)
From:      Andy Dills <andy@xecu.net>
To:        Max <max@ecotech.com.lr>
Cc:        John Hay <jhay@icomtek.csir.co.za>, Kal Torak <kaltorak@quake.com.au>, FreeBSD ISP <freebsd-isp@FreeBSD.ORG>
Subject:   Re: Routing based on source?
Message-ID:  <Pine.BSF.4.44.0208051418100.52504-100000@thunder.xecu.net>
In-Reply-To: <006401c23c93$17cc9de0$04ef10ac@wireless>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Mon, 5 Aug 2002, Max wrote:

> > > Hi all,
> > >
> > > I have a situation where I want to route packets out different
> > > interfaces based on their source ip address... I dont care about
> > > the destination in this case, only where its comming from..
> > >
> > > Is this possible? And if so how?
> >
> > You can use ipfw fwd to do that.
> >
> > John
>
> How?

Hmm...I'm guessing you didn't bother to read the man page?

fwd ipaddr[,port]
 Change the next-hop on matching packets to ipaddr, which
 can be an IP address in dotted quad or a host name.  If
 ipaddr is not a directly-reachable address, the route as
 found in the local routing table for that IP is used
 instead.  If ipaddr is a local address, then on a packet
 entering the system from a remote host it will be
 diverted to port on the local machine, keeping the local
 address of the socket set to the original IP address the
 packet was destined for.  This is intended for use with
 transparent proxy servers.  If the IP is not a local
 address then the port number (if specified) is ignored
 and the rule only applies to packets leaving the system.
 This will also map addresses to local ports when packets
 are generated locally.  The search terminates if this
 rule matches.  If the port number is not given then the
 port number in the packet is used, so that a packet for
 an external machine port Y would be forwarded to local
 port Y.  The kernel must have been compiled with the
 IPFIREWALL_FORWARD option.

So, in other words:

ipfw add fwd <nexthop> ip from <src address> to any

Andy

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Andy Dills                              301-682-9972
Xecunet, LLC                            www.xecu.net
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Dialup * Webhosting * E-Commerce * High-Speed Access


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.44.0208051418100.52504-100000>