On Wed, 9 Mar 2016 14:40:16 +0100, el...@sentor.se wrote:
> On Wed, 9 Mar 2016, Jan Bramkamp wrote:
[..]
> > I would avoid policies based on IP addresses and prefer to define policies
> > based on (pseudo-) interfaces e.g. route (and nat?) traffic from vlan123
> > through the VPN tunnel.
>
>
wrote:
>>
>>>
>>> On Wed, 9 Mar 2016, Jan Bramkamp wrote:
>>>> On 09/03/16 11:29, el...@sentor.se wrote:
>>>>> I've been searching the internet but can't find any good
>>>>> documentation/examples on how to setup source ro
Ah! Yep, that boot option exist in 10.1 as well. :-)
Now I have two approaches to test.
Thanks!
/Elof
On Wed, 9 Mar 2016, Jan Bramkamp wrote:
On 09/03/16 15:26, el...@sentor.se wrote:
Regarding the FIBs:
In FreeBSD 10.1 RELEASE, no extra FIBs can be added since that kernel is
compiled wit
On 09/03/16 15:26, el...@sentor.se wrote:
Regarding the FIBs:
In FreeBSD 10.1 RELEASE, no extra FIBs can be added since that kernel is
compiled without support for it. :-(
I'm hesitant to break binary compability (I use freebsd-update).
Will release 10.3 or 11.0 have "options ROUTETABLES=2" in
et but can't find any good
documentation/examples on how to setup source routing in my FreeBSD.
What I want to do:
Let internet clients connect their OpenVPN to a FreeBSD box. The
client's internet traffic should be routed to a separate firewall
dedicated for all client networks (VPN and physic
#x27;ve been searching the internet but can't find any good
>>> documentation/examples on how to setup source routing in my FreeBSD.
>>> What I want to do:
>>> Let internet clients connect their OpenVPN to a FreeBSD box. The
>>> client's internet traf
On Wed, 9 Mar 2016, Jan Bramkamp wrote:
On 09/03/16 11:29, el...@sentor.se wrote:
I've been searching the internet but can't find any good
documentation/examples on how to setup source routing in my FreeBSD.
What I want to do:
Let internet clients connect their OpenVPN to a FreeBS
On 09/03/16 11:29, el...@sentor.se wrote:
Hi all!
I've been searching the internet but can't find any good
documentation/examples on how to setup source routing in my FreeBSD.
What I want to do:
Let internet clients connect their OpenVPN to a FreeBSD box. The
client's i
Hi all!
I've been searching the internet but can't find any good
documentation/examples on how to setup source routing in my FreeBSD.
What I want to do:
Let internet clients connect their OpenVPN to a FreeBSD box. The client's
internet traffic should be routed to a se
Synopsis: [ipfilter]: ipnat + ipfilter source routing not handling ftp properly
Responsible-Changed-From-To: freebsd-net->cy
Responsible-Changed-By: cy
Responsible-Changed-When: Wed Jul 3 05:20:22 UTC 2013
Responsible-Changed-Why:
Mine.
http://www.freebsd.org/cgi/query-pr.cgi?pr=127
Synopsis: [ipfilter]: ipnat + ipfilter source routing not handling ftp properly
State-Changed-From-To: open->open
State-Changed-By: linimon
State-Changed-When: Wed Jul 3 00:50:32 UTC 2013
State-Changed-Why:
commit bit has been taken in for safekeeping.
Responsible-Changed-From-To: darr
On 22 March 2011 17:16, Hajimu UMEMOTO wrote:
> It's Rule 3 of RFC 3484 which avoids deprecated addresses.
> If this solves your problem, you can do it by the following command:
>
> ifconfig gif0 inet6 deprecated
>
> Please note that you don't need to set net.inet6.ip6.use_deprecated to
>
Hi,
> On Tue, 15 Mar 2011 14:37:20 +
> Matt Smith said:
matt> I have been doing some more research into this and it appears the
matt> proper way to accomplish what I want is to set
matt> net.inet6.ip6.use_deprecated to 0 and then deprecate the IPv6 address
matt> on the gif0 interface
Hi,
> On Tue, 22 Mar 2011 09:19:55 +
> Matt Smith said:
matt> This does indeed look like exactly what I was after however I can't
matt> seem to get it to do anything unless I'm using it wrong.
matt> root@tao[~]# ip6addrctl show
matt> Prefix Prec Label U
On 22 March 2011 03:00, J. Hellenthal wrote:
>
> Hi Matt,
>
> Unofficially not sure if you have already checked into this so I am not sure
> if it is really a solution to your problem but may be a step forward. Check
> out the man page for ip6addrctl(8) that allows you to set a precedence for
>
On Tue, 15 Mar 2011 10:37, matt.xtaz@ wrote:
On 15 March 2011 11:39, Matt Smith wrote:
Hi, I have a question about source routing I hope you can help me with.
I have been doing some more research into this and it appears the
proper way to accomplish what I want is to set
net.inet6.ip6
On 15 March 2011 11:39, Matt Smith wrote:
>
> Hi, I have a question about source routing I hope you can help me with.
I have been doing some more research into this and it appears the
proper way to accomplish what I want is to set
net.inet6.ip6.use_deprecated to 0 and then deprecate th
Hi, I have a question about source routing I hope you can help me with.
I have two interfaces, gif0 which is an ipv6 over ipv4 tunnel to my tunnel
broker and vr0 which is my ethernet interface. I have an IPv6 address
configured on my end of the gif0 tunnel and another IPv6 address from a /64
cannot access the local IPs,
> > Without looking at routing tables of the router it
> > QUICKLY passes it to the NEW gateway.
>
> FWIW, I usually do all filtering using ipf but at one site I'm
> administering I had to do source routing so I implemented the routing
> part with
QUICKLY passes it to the NEW gateway.
FWIW, I usually do all filtering using ipf but at one site I'm
administering I had to do source routing so I implemented the routing
part with ipfw and the (stateful) filtering with ipf. This works great
there. If needed, I can dig up some config nex
You know I Use ipf with for example pass xl1:1.2.3.4
from 1.2.3.5/24 to any
BUT, The Problem is that when I use this, the 1.2.3.5
cannot access the local IPs,
Without looking at routing tables of the router it
QUICKLY passes it to the NEW gateway.
Thanks
AFShhin
--- Ruslan Ermilov <[EMAIL PROTE
> What is missing in ipfw(8) and its ``fwd'' option
> from being a
> successful implementation of policy routing?
>
> - by using the match probability feature, you can
> implement
> the equal-access routing;
>
> - by checking the source IP adress, you can
> implement
> the source-sensitive r
Dear Bruce,
That's What I really mean.
AFShin
--- Bruce M Simpson <[EMAIL PROTECTED]> wrote:
> On Sun, Dec 28, 2003 at 02:15:11PM -0800, afshin
> wrote:
> > Is any source routing facility available in
> FreeBSD ?
>
> I think you mean policy routing. It is on
Andre Oppermann wrote:
Ruslan Ermilov wrote:
What is missing in ipfw(8) and its ``fwd'' option from being a
successful implementation of policy routing?
In the technical sense it is. For larger systems you want automatic
configuration from a routing daemon. ipfw also has its limits when
it co
Ruslan Ermilov wrote:
>
> On Tue, Dec 30, 2003 at 01:25:25AM +, Bruce M Simpson wrote:
> > On Sun, Dec 28, 2003 at 02:15:11PM -0800, afshin wrote:
> > > Is any source routing facility available in FreeBSD ?
> >
> > I think you mean policy routing. It is on th
Bruce M Simpson wrote:
>
> On Sun, Dec 28, 2003 at 02:15:11PM -0800, afshin wrote:
> > Is any source routing facility available in FreeBSD ?
>
> I think you mean policy routing. It is on the wishlist for 5.3.
I working on making these wishes come true. However I can't
On Tue, Dec 30, 2003 at 01:25:25AM +, Bruce M Simpson wrote:
> On Sun, Dec 28, 2003 at 02:15:11PM -0800, afshin wrote:
> > Is any source routing facility available in FreeBSD ?
>
> I think you mean policy routing. It is on the wishlist for 5.3.
>
What is missing in ipf
On Sun, Dec 28, 2003 at 02:15:11PM -0800, afshin wrote:
> Is any source routing facility available in FreeBSD ?
I think you mean policy routing. It is on the wishlist for 5.3.
BMS
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mail
Dear Friends,
Is any source routing facility available in FreeBSD ?
or Is it possiblr with FreeBSD ?
The Linux guru's are familier with "iproute" utility
in Linux Which we can define other route tables and
each one can have its own gateway, then we add a rule
that packet with
29 matches
Mail list logo
