Jason Hills wrote:
Hello.

How can I do policy routing with ipfw+natd?

I started 2 natd processes, using natd.conf and natd2.conf
respectively, but things don't work. My rules are:

ext_if1="em0"
ext_if2="em1"

divert 8668 ip from $net1 to any out via $ext_if1
divert 8669 ip from $net2 to any out via $ext_if2

divert 8668 ip from any to any via $ext_if1
divert 8669 ip from any to any via $ext_if2

My defaultrouter is the one on $ext_if1.

It works for port 8668 but doesn't work for 8669 (the second xDSL link).


What version of FreeBSD?

In -current you can implement a routing table via FWD and tables.
In 6.x you need to specify the next hop, and a more explicit rule.

The fwd rule is a terminal rule (processing does not continue). However,
while divert is a terminal rule, natd reinjects the packet back into the firewall at the rule number AFTER the rule that did the divert,
so you can treat it as if it was non-terminating.

This means that you need to do the NAT before you do the FWD.



julian
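
The ordering point in the reply above, as an added example that is not part of the original thread: a simplified Python model of ipfw rule walking in which fwd ends processing and divert resumes after the diverting rule's number. The addresses, rule numbers, natd alias table and prefix-style matching are all constructed assumptions.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    next_hop: str = "default"  # "default" stands for the defaultrouter

# Constructed rule sets: (rule number, action, argument, source prefix matched)
NAT_THEN_FWD = [
    (100, "divert", 8669, "192.168.2."),   # net2 goes to the second natd
    (200, "fwd", "10.0.2.1", "10.0.2.2"),  # translated source -> link 2 next hop
]
FWD_THEN_NAT = [
    (100, "fwd", "10.0.2.1", "192.168.2."),
    (200, "divert", 8669, "192.168.2."),   # never reached for net2 traffic
]

# Stand-in for the two natd processes: divert port -> alias (external) address
NATD_ALIAS = {8668: "10.0.1.2", 8669: "10.0.2.2"}

def walk(rules, pkt, start_after=0):
    """Walk rules in number order; return the packet as it leaves the firewall."""
    for number, action, arg, src_prefix in sorted(rules):
        if number <= start_after or not pkt.src.startswith(src_prefix):
            continue
        if action == "fwd":
            # fwd is terminal: set the next hop and stop processing
            return replace(pkt, next_hop=arg)
        if action == "divert":
            # natd rewrites the source, then reinjects the packet at the
            # rule number after the one that did the divert
            translated = replace(pkt, src=NATD_ALIAS[arg])
            return walk(rules, translated, start_after=number)
    return pkt  # nothing matched: packet follows the default route unchanged

if __name__ == "__main__":
    pkt = Packet(src="192.168.2.10", dst="198.51.100.7")
    print("NAT before FWD:", walk(NAT_THEN_FWD, pkt))
    print("FWD before NAT:", walk(FWD_THEN_NAT, pkt))
```

With FWD placed first, the packet reaches the second link's next hop still carrying its private source address, which is the failure the ordering rule avoids.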






_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw