Policy routing
eculp at encontacto.net
Wed Oct 22 03:05:37 PDT 2003
Currently we have an in-house machine with three NICs. One is connected to our
main ISP through a DS0 and with public addresses (in this country bandwidth is
still expensive), another through a cable provider with a private IP, and the
third is our LAN. I want to selectively route internal traffic, such as ports
80 and 21, through the cable provider and the private IP. All other traffic
I would like to go through the main ISP and the public IP; this is my natd
interface. I'm currently doing it with the help of squid using transparent
proxying with a couple of fwds, but I would like to be able to remove squid
and have everything work, but with more flexibility in which services go where.
My current working configuration, without cruft, is basically:
00601 allow tcp from 192.168.5.0/24 to me 80
00701 fwd 127.0.0.1,3128 tcp from 192.168.5.0/24 to any 80
00702 fwd 127.0.0.1,3128 tcp from 192.168.5.0/24 to any 21
00801 fwd 10.24.128.1 tcp from me to any 80
10000 divert 8668 ip from any to any via rl0
Any suggestions would be appreciated.
Thanks,
ed