Re: Policy-based routing with ipf

To: tech-net%netbsd.org@localhost
Subject: Re: Policy-based routing with ipf
From: mlelstv%serpens.de@localhost (Michael van Elst)
Date: Thu, 4 Jul 2024 19:53:26 -0000 (UTC)

netbsd%precedence.co.uk@localhost (Stephen Borrill) writes:

>   10.3.0.1 <-> NetBSD <-> 192.168.102.1
>10.3.0.254 <-> filter <-> 192.168.102.254

>My plan is to use policy-based routing to direct matched traffic back to 
>192.168.102.x via 10.3.0.254 (e.g. http or smb). I cannot work out how to 
>achieve this from the man page though.


Assuming the following interface names:

             wm0        wm1
>   10.3.0.1 <-> NetBSD <-> 192.168.102.1

this should be:

pass out quick on wm1 to wm0:10.3.0.254 from 10.3.0.1 to 192.168.102.0/24

pass out quick on wm1               packets sent by wm1
to wm0:10.3.0.254                   redirect to wm0 with next hop 10.3.0.254
from 10.3.0.1                       if src is the NetBSD box
to 192.168.102.0/24                 and dst is on the other net

Follow-Ups:
- Re: Policy-based routing with ipf
  - From: Stephen Borrill

References:
- Policy-based routing with ipf
  - From: Stephen Borrill

Prev by Date: Policy-based routing with ipf
Next by Date: Re: Policy-based routing with ipf
Previous by Thread: Policy-based routing with ipf
Next by Thread: Re: Policy-based routing with ipf
Indexes:

Home | Main Index | Thread Index | Old Index