On Tue, 13 Aug 2002, Les Biffle wrote:
> Hi,
>
> I want to do the following:
>
> 1. Create "n" IPSEC VPN tunnels
> 2. Create "n" VLAN pseudo interfaces
> 3. Route IP Packets based on their arrival iface/tunnel out through
> a corresponding tunnel/iface.
>
> For example, I want to route all packets received through VPN tunnel "2"
> out through VLAN "2," and all packets received on VLAN "2" out through
> VPN "2," without regard to source or destination IP Addresses.

Incoming packets should be selectable in ipfw by using the
clause
    "in recv gif0"
or
    "in recv vlan0"
Then you should be able to redirect them using the 'fwd' command.
Assuming gif0 has a remote end (of the tunnel) at 1.1.1.1,
and a packet arrived on vlan0, and the machine you want to
forward to on vlan0 is 2.2.2.2,
the following ipfw commands should work (not tested):

    ipfw add fwd 1.1.1.1 ip from any to any in recv vlan0

The reverse packets should be redirected by:

    ipfw add fwd 2.2.2.2 ip from any to any in recv gif0

As I say, this has not been tested.
Let us know what happens so that others can do this if it works.

>
> I don't want to examine the IP Addresses of any of the routed packets,
> but only want to make the routing decision based on arrival interface.
>
> Does anyone have any ideas or suggestions? Please?
>
> -Les
>
> --
> Les Biffle
> (480) 585-4099 [EMAIL PROTECTED] http://www.les.safety.net/
> Network Safety Corp., 5831 E. Dynamite Blvd., Cave Creek, AZ 85331
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-hackers" in the body of the message
>
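
Added example (not part of the original messages, and no more tested against a live firewall than the rules in the reply): a shell function that expands the reply's two 'fwd' rules to "n" tunnel/VLAN pairs and prints the ipfw commands instead of applying them. The input format, the rule numbering and the sample addresses are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: print one pair of 'fwd' rules per tunnel/VLAN pair.
# Nothing is applied; review the output before feeding it to a shell.
# Input on stdin, one pair per line (format is an assumption):
#   <tunnel-iface> <tunnel-remote-ip> <vlan-iface> <vlan-next-hop-ip>
# Usage: gen_rules 1000 < pairs.txt

is_ipv4() {
    # Dotted quad, each octet numeric and 0-255.
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

is_iface() {
    # Lowercase driver name followed by a unit number, e.g. gif2, vlan2.
    # Rejecting everything else keeps shell metacharacters out of the output.
    case "$1" in
        *[!a-z0-9]*|[0-9]*|"") return 1 ;;
        *[0-9]) return 0 ;;
        *) return 1 ;;
    esac
}

gen_rules() {
    # $1 = first rule number (assumption: the caller picks a free range).
    num=${1:-1000}
    while read -r tun tun_peer vlan vlan_peer extra; do
        case "$tun" in ''|'#'*) continue ;; esac
        if [ -n "$extra" ] || ! is_iface "$tun" || ! is_iface "$vlan" ||
           ! is_ipv4 "$tun_peer" || ! is_ipv4 "$vlan_peer"; then
            echo "bad pair: $tun $tun_peer $vlan $vlan_peer" >&2
            return 1
        fi
        # Arrived on the VLAN: hand to the tunnel's remote end.
        echo "ipfw add $num fwd $tun_peer ip from any to any in recv $vlan"
        # Arrived through the tunnel: hand to the host on the VLAN.
        echo "ipfw add $((num + 1)) fwd $vlan_peer ip from any to any in recv $tun"
        num=$((num + 10))
    done
}
```

Each pair gets its own two rules keyed only on the arrival interface, so a typo in the table shows up as a rejected line rather than as traffic from one tunnel landing on another pair's VLAN.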