Date: Sat, 20 Jan 2001 21:40:44 +0100 From: Jesper Skriver <none@jesper--skriver.dk.lh.bsd-dk.dk> To: bsd-dk@BSD-Dk.dk Subject: Re: To NICS og to ADSL'er
On Sat, Jan 20, 2001 at 12:33:25PM -0800, ElkVixen wrote:
>
> > > ipfw add divert natd tcp from any to any 21 via
> > lnc0
> > > ipfw add divert natd all from any to any via ed0
> >
> > Uden at have læst dokumentationen for nyligt, så
> > bruges "via XXX" til at
> > matche, dvs. linierne kun matcher hvis det er pakker
> > som kommer ind via
> > XXX interfacet.
>
> Rent faktisk bruger jeg den nederste linje lige nu til
> at route Inet fra det lokale (ed1) til inettet (ed0),
> så det kan desværre ikke passe at det er via det..
> undtagen hvis der er andre regler, for Natd?
Det betyder at pakken passerer det interface, fra ipfw(8)
via ifX Packet must be going through interface ifX.
via if* Packet must be going through interface ifX, where X is
any unit number.
via any Packet must be going through some interface.
via ipno Packet must be going through the interface having IP
address ipno.
The via keyword causes the interface to always be checked. If
recv or xmit is used instead of via, then the only receive or
transmit interface (respectively) is checked. By specifying
both, it is possible to match packets based on both receive and
transmit interface, e.g.:
ipfw add 100 deny ip from any to any out recv ed0 xmit ed1
Men du kan gøre noget i retning af
ipfw add fwd x.x.x.x from any to any 21 xmit ed0
ipfw add fwd x.x.x.x from any to any 80 xmit ed0
Hvor x.x.x.x er next-hop (router eller lign.) på din 2. ADSL linie
/Jesper
-- Jesper Skriver, jesper(at)skriver(dot)dk - CCIE #5456 Work: Network manager @ AS3292 (Tele Danmark DataNetworks) Private: Geek @ AS2109 (A much smaller network ;-)One Unix to rule them all, One Resolver to find them, One IP to bring them all and in the zone to bind them.
This archive was generated by hypermail 2b30 : Wed 15 Nov 2006 - 18:24:04 CET