logo       
<prev   next>

Re: source routing: msg#00109

Subject: Re: source routing 
Nu sint sigur ca asa e, n-am mai folosit ipfw de mult:
ipfw add <rule number> fwd <ip> <proto> from <src> to <dst>
In orice caz, man page-ul te va lamuri.



On Thu, 16 Sep 2004 16:53:10 +0300 (EEST), Cristian Ursuleanu
<cristi-DKpniwQfo6E@xxxxxxxxxxxxxxxx> wrote:
> 
> poti sa-mi spui cum se poate face cu ipfw pentru 4.x?
> 
> sau da-mi un link ...
> 
> ideea e urmatoarea:
> am un server cu 2 conexiuni la internet prin 2 provideri.
> 
> in spate e o retea LAN.
> 
> vreau ca portul 80 sa plece pe un provider, iar restul de trafic prin
> celalalt provider.
> 
> momentan nu am folosit decat FreeBSD 4.x si doar ipfw.
> nu am folosit niciodata ipf, dar daca trebuie nu e o problema.
> 
> asta am facut cu iproute2 si iptables pe linux. pe FreeBSD nu am nici o
> idee.
> 
> merci.
> 
> On Thu, 16 Sep 2004, Alex Popa wrote:
> 
> > On Thu, Sep 16, 2004 at 12:41:17AM +0300, Cristian Ursuleanu wrote:
> > >
> > > Stie cineva cum se face (sau daca se poate face) 'source routing' in
> > > freeBSD?
> > >
> > > Pe linux se face cu iproute2 , si e ok.
> > >
> > > am cautat despre asta si se pare ca doar in 5.3 's-ar putea' sa fie.
> > >
> > > eu as dori o solutie pe 4.X.
> > >
> > > merci.
> >
> > Depinde ce intelegi prin "source routing".  Majoritatea sistemelor de
> > operare de pe routere pur si simplu arunca la gunoi pachetele cu
> > optiunea de source routing.  Vezi de exemplu FreeBSD, verifici cu
> > $ sysctl -a | grep source.
> >
> > Daca prin source routing intelegi source-based routing, adica de fapt
> > policy-based routing, vezi un articol scris de subsemnatul la
> > http://www.bsdnews.org/01/policy_routing.php
> >
> > E pentru ipfilter, se poate si cu ipfw.  Daca esti chiar curajos, cred
> > ca poti sa le folosesti pe ambele pentru asta...
> >
> >
> > Alex
> >
> > PS:  ipf policy routing + keep state mi-a facut probleme la un anume
> > moment.  Incearca fara keep state pentru pachetele la care faci routing
> > din ipf daca ai si tu probleme.
> >
> > ------------+-------------------------------------------------------
> > Alex Popa,  |  "Computer science is no more about computers than
> > razor-EnhvrSxvaSc@xxxxxxxxxxxxxxxx|     astronomy is about telescopes" -- 
> > E. W. Dijkstra
> > ------------+-------------------------------------------------------
> > __________________________________________________________
> > Send 'unsubscribe rofug' to listar-gQFem4m/dK4@xxxxxxxxxxxxxxxx to 
> > unsubscribe
> >
> >
> __________________________________________________________
> Send 'unsubscribe rofug' to listar-gQFem4m/dK4@xxxxxxxxxxxxxxxx to unsubscribe
> 
> 



-- 
If it's there, and you can see it, it's real.
If it's not there, and you can see it, it's virtual.
If it's there, and you can't see it, it's transparent.
If it's not there, and you can't see it, you erased it.
__________________________________________________________
Send 'unsubscribe rofug' to listar-gQFem4m/dK4@xxxxxxxxxxxxxxxx to unsubscribe
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Problema neidentificata Apache2.0.50 / FreeBSD 5.2.1, Paul
Next by Date:  Re: source routing, Constantin
Previous by Thread:  Re: source routing, Cristian Ursuleanu
Next by Thread:  Re: source routing, Constantin
Indexes:  [Date] [Thread] [Top] [All Lists]

Google Custom Search
News | FAQ | advertise