Matt Impett wrote: > I have looked at the firewall rather exetensively, but I don't know that it > can do what I want.
Maybe you should describe what you want in a little more detail then :-)
> From what I can tell, the firewall fwd functionality allows you to redirect
> a packet to a different next hop based on any of the firewall matching rules
> (one of which is source address).
>
> What I want to do, however, is redirect the packet to a tunnel (gif device)
> that has no next-hop associated with it. Is there any way to do this??
How does it not have a next hop associated with it? Are you leaving the
addresses unconfigured? Maybe you can still use ipfw like this:
route add DUMMY_NEXT_HOP -interface GIF
ipfw add fwd DUMMY_NEXT_HOP all from SOURCE to any
Lars
--
Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
