RE: Trouble using route-to

2004-10-08 Thread Ben
Further details:

running dhclient on rl1 (nic plugged into campus)  does grab an ip address
(128.195.88.183)  but that ip address does not respond to pings from the
outside world.  (even with the pass in on rl1 all line added to pf),   so
that causes one to assume something is funky...  so,  running an ifconfig -a
shows the following:


rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: 00:10:b5:0f:dc:1e
media: Ethernet autoselect (none)
status: active
inet6 fe80::210:b5ff:fe0f:dc1e%rl1 prefixlen 64 scopeid 0x2
inet 128.195.88.183 netmask 0xff00 broadcast 128.195.88.255


the Autoselect (none) is the part that worries me,  all of the other
autoselect interfaces  show (100baseTX full-duplex).  BUT,  rl1 was able
to grab dhcp information so...   if anyone has any suggestions (other than
ditch the 3rd interface and have the wife plug into campus herself...)   let
me know.

Ben 

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
 On Behalf Of Ben
 Sent: Friday, October 08, 2004 8:11 AM
 To: [EMAIL PROTECTED]
 Subject: Trouble using route-to
 
 Hey all, I just installed a 3rd nic into my OBSD (3.4 CD) 
 system,  it's hooked up to the campus network for routing of 
 campus traffic,  all of the rest of the traffic should go 
 through my cable modem.  I will eventually route some smtp 
 traffic out via campus too,  however now the box doesn't 
 route anything from my local network out via that interface:  
 
 Below is the relevant pf.conf file:
 
 internal_net=192.168.1.0/24
 int_if=em0
 rl0_tcpports=any
 int_if=em0
 ext_if=rl0
 rl1_tcpports=any
 uci_if=rl1
 cox_gw = 68.106.218.1
 table <UCI> { 128.195.0.0/16, 128.200.0.0/16 }
 UCI_gw= 128.195.88.1
 scrub in all
 
 altq on $ext_if priq bandwidth 4Mb queue { q_pri, q_def }
 queue q_pri priority 7
 queue q_def priority 1 priq(default)
 
 nat on rl0 from $internal_net to !$internal_net -> (rl0)
 nat on rl1 from $internal_net to !$internal_net -> (rl1)
 
 
 
 pass out on $ext_if proto tcp from $ext_if  to any flags S/SA \
 keep state queue (q_def, q_pri)
 
 pass in  on $ext_if proto tcp from any to $ext_if  flags S/SA \
 keep state queue (q_def, q_pri)
 
 pass out on rl1 all #(no point in filtering it since nothing should use it unless I tell it to)
 
 pass in on $int_if route-to { ($ext_if $cox_gw) } from $internal_net to !<UCI> keep state
 pass in on $int_if route-to { ($uci_if $UCI_gw) } from $internal_net to <UCI> keep state
 
 ---
 
 
 Cheers!
 
 Ben
 

RE: Trouble using route-to

2004-10-08 Thread Ben
I ended up having to do it that way,  but the reason I preferred to do it
via pf was in case of reboot all of the manual routes would have to be
re-entered.   Also,  if the route-to command would work, I could then also
route specific ports out via specific interfaces, say smtp traffic since my
cable internet provider decided we don't need access to anyone else's smtp
servers...  However route does seem to work for now :)



Ben



 

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
 On Behalf Of Stefan Paletta
 Sent: Friday, October 08, 2004 9:53 AM
 To: [EMAIL PROTECTED]
 Subject: Re: Trouble using route-to
 
 Ben wrote/schrieb/scripsit:
 [no specific question]
  pass in on $int_if route-to { ($ext_if $cox_gw) } from $internal_net to !<UCI> keep state
  pass in on $int_if route-to { ($uci_if $UCI_gw) } from $internal_net to <UCI> keep state
 
 Why not just route(8)?
 
 -Stefan
 -- 
  junior guru   SP666-RIPE JID:[EMAIL PROTECTED][EMAIL PROTECTED]
 


Re: Trouble using route-to

2004-10-08 Thread Stefan Paletta
Ben wrote/schrieb/scripsit:
 I ended up having to do it that way,  but the reason I preferred to do it
 via pf was in case of reboot all of the manual routes would have to be
 re-entered.

Put the route commands into /etc/hostname.rl1, preceding them with !-s.
-Stefan
--
junior guru   SP666-RIPE JID:[EMAIL PROTECTED][EMAIL PROTECTED]


RE: Trouble using route-to

2004-10-08 Thread Ben
Great, thanks!  So the hostname.*  file would look like (for example)

dhcp NONE NONE NONE
!-s route add 128.195.0.0/16  128.195.88.1 


Ben


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
 On Behalf Of Stefan Paletta
 Sent: Friday, October 08, 2004 2:12 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Trouble using route-to
 
 Ben wrote/schrieb/scripsit:
 I ended up having to do it that way,  but the reason I 
 preferred to do 
 it via pf was in case of reboot all of the manual routes 
 would have to 
 be re-entered.
 
 Put the route commands into /etc/hostname.rl1, preceding 
 them with !-s.
 
 -Stefan
 -- 
  junior guru   SP666-RIPE JID:[EMAIL PROTECTED][EMAIL PROTECTED]
 


RE: Trouble using route-to

2004-10-08 Thread Jason Opperisano
On Fri, 2004-10-08 at 17:41, Ben wrote:
 Great, thanks!  So the hostname.*  file would look like (for example)
 
 dhcp NONE NONE NONE
 !-s route add 128.195.0.0/16  128.195.88.1 
 
 
 Ben

heh, no...  that was an attempt to make an exclamation point plural...

man 5 hostname.if

you would use:

!route add 128.195.0.0/16  128.195.88.1

-j

=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
There are only two kinds of tequila. Good and better.
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~