Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)

From: Ari Suutari (ari_at_suutari.iki.fi)
Date: 06/23/05

  • Next message: Ari Suutari: "Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)" 
    Date: Thu, 23 Jun 2005 08:28:43 +0300
To: Luigi Rizzo <rizzo@icir.org>

    Luigi Rizzo wrote:
    > I really believe the "setnexthop" action is the best approach.

    I'll start implementing this approach today if other work permits.
    I think I'll also add new rule option "defaultroute" which matches if
    packet destination has no specific route in routing table. That would
    make it very easy to, for example, route general web-surfing to
    secondary adsl line, just say:

    ipfw setnexthop g2.g2.g2.g2 tcp from any to any defaultroute

    (well, in real life one would need probably nat here, but that
    could be done in similar manner)

            Ari S.
    _______________________________________________
    freebsd-net@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-net
    To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

  • Next message: Ari Suutari: "Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)"