On 19.11.2007, at 06:03, alexus wrote:
how i can acomplish this with ipf? i have ipf on that box
Write this in ipf.rules:
pass out quick on fxp0 to fxp1:$fxp1_gw from $fxp1_ip to any keep
state
don't forget to replace $fxp1_*.
This solution can be also accomplished with IPFW, options
IPFIREWALL_FORWARD.
On Nov 16, 2007 4:45 PM, Todor Dragnev <[EMAIL PROTECTED]>
wrote:
Hi,
you must use advanced routing, this is very easy on linux with
iproute2 but freebsd is far away for now(maybe forever) and you must
use pf or ipf for this situation.
So, enable pf in rc.conf
pf_enable="YES"
Add this line to the end of pf.conf:
pass out quick route-to (fxp1 $fxp1_gw) inet from $fxp1_ip to !
$fxp1_ip keep state
Where $fxp1_gw must be your gateway on fxp1 interface and $fxp1_ip is
your IP address on fxp1.
Keep your default gateway via 192.168.1.1. With these settings you
can access both 192.168.1.1 and $fxp1_ip from outside.
Regards,
Todor Dragnev
On 16.11.2007, at 07:18, alexus wrote:
Hello,
I have two NICs on my box, one (primary) connected to switch and
have
private IP. that IP also have a static route on Cisco PIX for
accessing this box from outside. the other interface has public IP
that is connected to another switch, i configure both IPs through
/etc/rc.conf, but I can not for some reason access my box through
that
public IP, no firewall rules would prevent me from doing so. here is
my output for netstat -rn
alexus# netstat -rn
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif
Expire
default 192.168.1.1 UGS 0 250 fxp0
127.0.0.1 127.0.0.1 UH 0 2 lo0
192.168.1 link#1 UC 0 0 fxp0
192.168.1.1 00:0d:29:09:90:61 UHLW 2 2
fxp0 1171
192.168.1.250 00:16:cb:94:10:e9 UHLW 1 12
fxp0 1169
216.112.241.24/29 link#2 UC 0 0 fxp1
Internet6:
Destination Gateway
Flags
Netif Expire
::1 ::1
UHL lo0
fe80::%lo0/64 fe80::1%lo0
U lo0
fe80::1%lo0 link#4
UHL lo0
ff01:4::/32 fe80::1%lo0
UC lo0
ff02::%lo0/32 fe80::1%lo0
UC lo0
alexus#
what am I missing?
--
http://alexus.org/
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-
[EMAIL PROTECTED]"
--
http://alexus.org/
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
