tonix (Antonio Nati) wrote:
> Tom Judge wrote:
>> tonix (Antonio Nati) wrote:
>>> Tom Judge wrote:
>>>> tonix (Antonio Nati) wrote:
>>>>> I'm using FreeBSD and Monowall in the most of my servers.
>>>>>
>>>>> One limit I'm facing on both is the lack of an advanced routing
>>>>> feature.
>>>>>
>>>>> Would be too complicated to modify "route" sources (and probably
>>>>> kernel tables) implementing a FROM parameter in ADD command?
>>>>>
>>>>> route add 0.0.0.0/0 210.10.10.1
>>>>> route add FROM 200.1.1.0/24 0.0.0.0/0 210.10.10.10
>>>>> route add FROM 200.1.2.0/24 0.0.0.0/0 210.10.11.11
>>>>>
>>>>> A FROM option would improve a lot routing capabilities and handling
>>>>> of multiple WAN connections.
>>>>>
>>>>> Any comment?
>>>>>
>>>>> Tonino
>>>>>
>>>>
>>>> If you wish to do this type of policy routing you need to use one of
>>>> the firewalls as it can't be done in the routing table. PF can do
>>>> this easily with its route-to option.
>>>>
>>> I feel it is more a routing feature than a fw feature. I don't see
>>> extending routing tables (and relative routing checking) so complicated.
>>>
>>> Tonino
>>
>> It is not that it is not complicated. It is that it is _NOT_
>> _POSSIBLE_ to do this with the FreeBSD routing sub system. You _MUST_
>> do this with a firewall on FreeBSD.
> Not possible with the ACTUAL routing subsystem, or not possible to
> change the code to enhance the subsystem? I'm speaking about modifying
> the code, if necessary.
>
> Tonino
>
Not possible with the current implementation, I don't know about how
feasible it is to add the support you want either. You may want to ask
on net to see if anyone there is actively working on this.
However if you are looking for a quick solution you should go the
firewall route.
Tom
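
The PF route-to approach mentioned in the thread, written out as a pf.conf sketch for the two source networks and gateways from the original question. This is an added example, not part of any poster's message; the interface names (em0, em1, em2) and the mapping of each gateway to an interface are assumptions.

```conf
# pf.conf sketch: source-based next hop with route-to.
# Addresses come from the thread; interface names are assumed.
int_if  = "em0"   # assumed: LAN side carrying both source networks
wan1_if = "em1"   # assumed: link that reaches 210.10.10.10
wan2_if = "em2"   # assumed: link that reaches 210.10.11.11

net_a = "200.1.1.0/24"
net_b = "200.1.2.0/24"
gw_a  = "210.10.10.10"
gw_b  = "210.10.11.11"

# Traffic between the two local networks is left to the normal
# routing table, so it must match before the route-to rules.
pass in quick on $int_if from { $net_a, $net_b } to { $net_a, $net_b }

# Equivalent of the proposed "route add FROM <net> 0.0.0.0/0 <gw>":
# the next hop is chosen by source network, not by destination.
pass in quick on $int_if route-to ($wan1_if $gw_a) from $net_a to any keep state
pass in quick on $int_if route-to ($wan2_if $gw_b) from $net_b to any keep state

# Anything else arriving on the LAN follows the kernel default route
# (210.10.10.1 in the thread) and is filtered as usual on the way out.
pass in on $int_if from any to any keep state
pass out on { $wan1_if, $wan2_if } keep state
```

Because route-to is attached to a pass rule, only packets that match that rule are redirected, so rule order and the `quick` keyword decide which next hop a packet gets.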