----- Original Message -----
From: "Michael C. Cambria" <[EMAIL PROTECTED]>
To: "Drew Tomlinson" <[EMAIL PROTECTED]>
Sent: Sunday, October 19, 2003 4:03 PM

> Drew Tomlinson wrote:
> > Is there a way to route traffic based on port?  Basically, I want to have
> > all traffic on port 8080 use the rl0 interface for its gateway and all
> > traffic use dc0.  Here is a diagram of my network.
> Are you using ipfw?  If so, on your FreeBSD 4.8 machine, an 'fwd' rule
> should let you send anything you want that matches the rule out the port
> you want.  (This is called "policy routing", where your policy bypasses
> the routing database and does what you explicitly tell it to for a given
> set of traffic.)

Thanks for your reply.  I'm adding my network diagram for the benefit of
those that might find this message outside the context of the thread.

         Public IP
       ADSL Modem/Router
         FBSD 4.8 --------- rl0
            dc1              |
             |    Neighbor's AP
             |               |
        Internal LAN     Public IP
             |               |       Internet
        Media Server

I am using ipfw and I've tried 'fwd' with no success.  The nat processor can
only redirect packets to addresses on its own subnet so I set it to forward
to (rl0).  A 'fwd' rule here forwards the packet to but the destination address on the packet remains
and the media server ignores the packet.  Running natd with a -redirect_port
switch on the rl0 interface actually rewrites the destination address to  So this gets the packets processed by the media server.

The default route on the gateway is (which is my DSL router).
Thus packets from the media server go out dc0.  I have added a 'fwd from 8080 to any' rule in ipfw but no success.
I've also tried but work either.  I'll have to run tcpdump on
the interface and see if I can tell exactly what's going on.  I suspect that
'fwd' might alter the packet so nat doesn't process it?

However, adding a static entry (route add <client ip> gets
the connection working.

> Of course, once out rl0, all machines "down stream" will have to do
> likewise unless their default route sends the packets on port 8080 to
> the right place.

After the packet leaves my FBSD gateway and is on my neighbor's network, his
Linksys router ( should get it to the right place so I'm OK


