Christopher Cowart wrote:
> On Fri, Jun 15, 2007 at 06:30:23PM -0400, Boris Kochergin wrote:
>> Christopher Cowart wrote:
>>> I have a server with two NICs:
>>>
>>> em0: 169.229.79.139/25
>>> vlan526: 169.229.126.9/24
>>>
>>> The default gateway is 169.229.79.129. The router for the 126 subnet is
>>> 169.229.126.1.
>>>
>>> netstat -rn:
>>> | Destination        Gateway            Flags  Refs  Use     Netif   Expire
>>> | default            169.229.79.129     UGS    0     102537  em0
>>> | 127.0.0.1          127.0.0.1          UH     0     217     lo0
>>> | 169.229.79.128/25  link#1             UC     0     0       em0
>>> | 169.229.79.129     00:15:c7:b9:f4:80  UHLW   2     4       em0     1193
>>> | 169.229.79.139     00:11:25:ab:42:70  UHLW   1     589     lo0
>>> | 169.229.126/24     link#9             UC     0     0       vlan52
>>> | 169.229.126.1      00:15:c7:b9:f4:80  UHLW   1     34      vlan52  1200
>>> | 169.229.126.9      00:18:f8:09:d3:a5  UHLW   1     8       lo0
>>> <snip>
>> pass out route-to (vlan256 169.229.126.1) from 169.229.126.9 to any
>>
>> This tells PF to send all packets sent from 169.229.126.9 through the
>> vlan256 interface with a next-hop address of 169.229.126.1.
>
> Unfortunately, I don't think we can use pf. The rest of our
> infrastructure is ipfw and we don't particularly want this to be a
> one-off. I was under the impression that my ipfw rule did exactly this,
> by sending the packets to the 126 router as their next hop.
>
> Anyone have any ideas on whether an ipfw fwd rule can be used in a
> similar way to this pf rule?
>
Yes, ipfw fwd will work fine, you'll need to route based on the source ip
addresses. For example:

ipfw add 1 fwd <router1> all from <link1> to any
ipfw add 2 fwd <router9> all from <link9> to any

That *should* work, been a long time since I've touched ipfw.

--
Joe Holden
T: (UK) 02071009593 (AU) 282442321
E: [EMAIL PROTECTED]
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
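
Added illustration, not part of the original thread: a small Python model of the egress decision, showing why packets sourced from 169.229.126.9 follow the default route out em0 and how source-based fwd rules like the ones above change the next hop. Assumptions: the mapping of <router1>/<link1> and <router9>/<link9> to the addresses from the question, the client address 192.0.2.10, and the simplified first-match model of fwd.

```python
import ipaddress

# Network routes from the netstat -rn output quoted above (gateway None = on-link).
ROUTES = [
    ("0.0.0.0/0", "169.229.79.129", "em0"),
    ("169.229.79.128/25", None, "em0"),
    ("169.229.126.0/24", None, "vlan526"),
]

# Source-based rules in the shape of the reply: (rule number, source, next hop).
# Filling the placeholders with these addresses is an assumption.
FWD_RULES = [
    (1, "169.229.79.139", "169.229.79.129"),
    (2, "169.229.126.9", "169.229.126.1"),
]


def route_lookup(dst):
    """Destination-based lookup: the longest matching prefix wins."""
    addr = ipaddress.ip_address(dst)
    matches = []
    for net, gateway, ifname in ROUTES:
        network = ipaddress.ip_network(net)
        if addr in network:
            matches.append((network.prefixlen, gateway, ifname))
    _, gateway, ifname = max(matches, key=lambda m: m[0])
    # For an on-link route the next hop is the destination itself.
    return (gateway or dst, ifname)


def egress(src, dst, rules=()):
    """Return (next_hop, interface) for an outbound packet.

    Simplified model of fwd: the first rule whose source matches replaces
    the next hop, and the interface is whichever one reaches that hop.
    Without a matching rule the normal destination lookup applies.
    """
    for _num, rule_src, hop in sorted(rules):
        if ipaddress.ip_address(src) == ipaddress.ip_address(rule_src):
            return (hop, route_lookup(hop)[1])
    return route_lookup(dst)


if __name__ == "__main__":
    client = "192.0.2.10"  # constructed remote address (documentation range)
    print("no rules  :", egress("169.229.126.9", client))
    print("with rules:", egress("169.229.126.9", client, FWD_RULES))
    print("on-link   :", egress("169.229.126.9", "169.229.126.50", FWD_RULES))
```

In this model a rule written with `to any` also sends on-link destinations such as 169.229.126.50 to the router, so the last line is worth checking against the behaviour you actually want.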