[BSD-INDIA] Pf multiple gateways
Ashish SHUKLA
wahjava.ml at gmail.com
Sat Oct 17 21:49:38 UTC 2009
Hi Matt,
Deepawali Greetings.
M E writes:
> hello ,
> I wondered if anyone could assist me in writing a simple packet filter firewall on my OpenBSD v4.5.
> All I intend doing is to have two firewalling machine on a separate network :
> 192.168.1.1
> ext_if = xl0 (dhcp) // Internet interface
> int_if=xl1 // Internatl interface
> 192.168.2.20
> ext_if = rl0 = 192.168.1.120 (static IP) //
> int_if=rl1 = 192.168.2.20
> My problem is how I could have the first machine passing the webtraffic to the second firewall machine?
What you need is known as traffic redirection or port forwarding. Refer to the
traffic redirection section[1] in OpenBSD pf FAQ.
But that will modify the destination address of the packets, so if you just
want to modify the gateway (layer 2 destination address), then check out
'route-to' in ROUTING section pf.conf(5). Also check out the "Address Pools
and Load-Balancing" section[2] of OpenBSD pf FAQ.
>
> Please I wondered if anyone could send me a brief explanation on this. I am
> not running a webserver or services to the outside world. thanks Matt
References:
[1] http://www.openbsd.org/faq/pf/rdr.html
[2] http://www.openbsd.org/faq/pf/pools.html
HTH
Ashish
--
Paradise is exactly like where you are right now ... only much, much better.
-- Laurie Anderson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://www.bsd-india.org/pipermail/bsd-india/attachments/20091018/d8f46fa4/attachment.bin>
More information about the bsd-india
mailing list