Redirection of ALL traffic to specific interface

Hello

I have a FreeBSD box acting as a router with many interfaces. I want to separate the networks so that they don't "directly" reach each other unless I specify this using a firewall.

So, I want to force all traffic going to any host in the subnet 2.0.0.0/8 to use the em0 interface and ultimately reach the 10.0.0.1 host.

Then, I want to force all traffic coming from the 2.0.0.0/8 subnet going to 10.0.0.1 specifically to also use the em0 interface.

em0 is the gateway with the IP address 2.2.2.2

It is not the defaultrouter.

I have added the following to my routing table:
# route add -inet 2.0.0.0/8 2.2.2.2

I have tried to use natd.conf as follows:
Code:
interface em0
use_sockets yes
redirect_proto ip 2.2.2.2 2.2.2.3 10.0.0.1

I am not really sure if my usage of redirect_proto is correct. But I used it anyway. It doesn't work the way I want it to.

In simple pseudocode, what I want to achieve is:
Code:
if source=10.0.0.1 && destination=2.0.0.0/8
	redirect traffic to 2.2.2.2 and let it deal with it
if source=2.0.0.0/8 && destination=10.0.0.1
	redirect traffic to 10.0.0.1 through 2.2.2.2 (the gateway)

Any suggestions?
 
beaute said:
em0 is the gateway with the IP address 2.2.2.2

It is not the defaultrouter.

I have added the following to my routing table:
# route add -inet 2.0.0.0/8 2.2.2.2
This won't add anything that isn't already there. The 2.0.0.0/8 network is directly connected.

If you want to reach the 10.0.0.0/24 network you'd use something like
# route add 10.0.0.0 netmask 255.255.255.0 2.2.2.2

Routing is done by looking at the destination of packets, not its source.
 
SirDice said:
If you want to reach the 10.0.0.0/24 network you'd use something like
# route add 10.0.0.0 netmask 255.255.255.0 2.2.2.2

I added this route and when I ping 10.0.0.1 from 2.2.2.2 or 2.2.2.3, it says Host is down.
 
The host at 10.0.0.1 also needs to have a proper routing table. The packets also need to know the way back.
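To illustrate the two points made in the replies above (the kernel picks a route by destination only, and the far host needs its own route back), here is an added example that is not part of the thread: a small longest-prefix-match lookup run over constructed routing tables built from the addresses in the thread. The gateway strings and the "direct" label are assumptions, not anything the original posters configured.

```python
import ipaddress

def build_table(routes):
    """Build a forwarding table from (prefix, next_hop) pairs.
    Entries are sorted longest prefix first so the first hit wins."""
    table = [(ipaddress.ip_network(prefix), next_hop) for prefix, next_hop in routes]
    return sorted(table, key=lambda entry: entry[0].prefixlen, reverse=True)

def lookup(table, dst):
    """Longest-prefix match on the DESTINATION address only.
    The source address is never consulted, which is why a
    'route by source' rule cannot be expressed with route(8)."""
    addr = ipaddress.ip_address(dst)
    for net, next_hop in table:
        if addr in net:
            return next_hop
    return None  # no matching route: the packet cannot be forwarded

def round_trip(router_table, host_table, src, dst):
    """Forward hop chosen by the router for src->dst, and the hop the
    remote host picks for its reply (dst->src). None means 'no route',
    i.e. the reply has no way back even though the request was delivered."""
    forward_hop = lookup(router_table, dst)
    return_hop = lookup(host_table, src)
    return forward_hop, return_hop

# Constructed router table: 2.0.0.0/8 on em0, plus the route SirDice suggested.
ROUTER = build_table([
    ("2.0.0.0/8", "em0 (directly connected)"),
    ("10.0.0.0/24", "2.2.2.2"),
    ("0.0.0.0/0", "defaultrouter"),
])

# Constructed tables for the host at 10.0.0.1: before and after it learns
# how to reach 2.0.0.0/8 (the missing return route from the last reply).
HOST_BROKEN = build_table([("10.0.0.0/24", "direct")])
HOST_FIXED = build_table([
    ("10.0.0.0/24", "direct"),
    ("2.0.0.0/8", "2.2.2.2"),
])

if __name__ == "__main__":
    print("ping 2.2.2.3 -> 10.0.0.1, host without return route:",
          round_trip(ROUTER, HOST_BROKEN, "2.2.2.3", "10.0.0.1"))
    print("ping 2.2.2.3 -> 10.0.0.1, host with return route:   ",
          round_trip(ROUTER, HOST_FIXED, "2.2.2.3", "10.0.0.1"))
```

Swapping the constructed tables for the output of `netstat -rn` on each box lets you check the same thing against a real setup.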
 