On 19.11.2007, at 06:03, alexus wrote:

How can I accomplish this with ipf? I have ipf on that box.


Write this in ipf.rules:

pass out quick on fxp0 to fxp1:$fxp1_gw from $fxp1_ip to any keep state

Don't forget to replace $fxp1_*.

This solution can also be accomplished with IPFW, options IPFIREWALL_FORWARD.

On Nov 16, 2007 4:45 PM, Todor Dragnev <[EMAIL PROTECTED]> wrote:
Hi,

You must use advanced routing. This is very easy on Linux with
iproute2, but FreeBSD is far away for now (maybe forever), and you must
use pf or ipf for this situation.

So, enable pf in rc.conf
  pf_enable="YES"

Add this line to the end of pf.conf:
  pass out quick route-to (fxp1 $fxp1_gw) inet from $fxp1_ip to ! $fxp1_ip keep state

Where $fxp1_gw must be your gateway on fxp1 interface and $fxp1_ip is
your IP address on fxp1.
Keep your default gateway via 192.168.1.1. With these settings you
can access both 192.168.1.1 and $fxp1_ip from outside.

Regards,
Todor Dragnev


On 16.11.2007, at 07:18, alexus wrote:

Hello,

I have two NICs on my box. One (primary) is connected to a switch and has
a private IP. That IP also has a static route on the Cisco PIX for
accessing this box from outside. The other interface has a public IP
that is connected to another switch. I configure both IPs through
/etc/rc.conf, but for some reason I cannot access my box through that
public IP; no firewall rules would prevent me from doing so. Here is
my output for netstat -rn:

alexus# netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.1.1        UGS         0      250   fxp0
127.0.0.1          127.0.0.1          UH          0        2    lo0
192.168.1          link#1             UC          0        0   fxp0
192.168.1.1        00:0d:29:09:90:61  UHLW        2        2   fxp0   1171
192.168.1.250      00:16:cb:94:10:e9  UHLW        1       12   fxp0   1169
216.112.241.24/29  link#2             UC          0        0   fxp1

Internet6:
Destination                       Gateway                       Flags      Netif Expire
::1                               ::1                           UHL         lo0
fe80::%lo0/64                     fe80::1%lo0                   U           lo0
fe80::1%lo0                       link#4                        UHL         lo0
ff01:4::/32                       fe80::1%lo0                   UC          lo0
ff02::%lo0/32                     fe80::1%lo0                   UC          lo0
alexus#

What am I missing?

--
http://alexus.org/

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-[EMAIL PROTECTED]"




