[FUG-BR] How to use 2 links

Alessandro de Souza Rocha etherlinkii at gmail.com
Tue Oct 9 15:50:32 BRT 2007


On 09/10/07, Helder Urso - Gmail <helder.urso at gmail.com> wrote:
> Good afternoon.
>
> I need to implement the use of 2 internet access links on the server; each link will handle certain ports. The server is FreeBSD 6.1 with ipfw, nat and squid.
>
> The interfaces:
>
> bge0:    192.168.20.1    -> internal network with VLAN networks 192.168.21.x, 30.x, 40.x, 50.x
> xl0:       valid IP, LP
> xl1:       valid IP, ADSL
>
> Today I only use the usual setup: internet access comes in through xl0 and passes to bge0. I want incoming and outgoing email, P2P, eMule, video, etc. to go out through xl1, leaving HTTP, HTTPS, MSN and VoIP on xl0.
>
> Here is my ipfw:
>
> 00100 allow ip from any to any via lo0
> 00200 deny ip from any to 127.0.0.0/8
> 00300 deny ip from 127.0.0.0/8 to any
> 00400 check-state
> 00500 allow tcp from me to any setup keep-state
> 00510 allow tcp from 127.0.0.1 3128 to any via bge0 setup keep-state
> 00511 allow udp from any to any dst-port 53 via bge0
> 00511 allow udp from any to any dst-port 53 via vlan*
> 00512 skipto 800 ip4 from 192.168.21.249 to any via vlan*
> 00520 pipe 10 ip4 from any to me dst-port 22 via bge0
> 00520 pipe 10 ip4 from any to me dst-port 22 via vlan*
> 00540 pipe 11 udp from table(1) to not me in via bge0
> 00540 pipe 11 udp from table(1) to not me in via vlan*
> 00550 pipe 12 udp from table(1) to not me out via bge0
> 00550 pipe 12 udp from table(1) to not me out via vlan*
> 00560 pipe 1 ip4 from table(1) to not me in via bge0
> 00560 pipe 1 ip4 from table(1) to not me in via vlan*
> 00570 pipe 2 ip4 from table(1) to not me out via bge0
> 00570 pipe 2 ip4 from table(1) to not me out via vlan*
> 00600 skipto 800 tcp from any to 200.201.174.0/24 via bge0
> 00600 skipto 800 tcp from any to 200.201.174.0/24 via vlan*
> 00600 fwd 127.0.0.1,3128 tcp from any to any dst-port 80 via bge0 setup keep-sta
> 00600 fwd 127.0.0.1,3128 tcp from any to any dst-port 80 via vlan* setup keep-st
> 00650 fwd 127.0.0.1,53 udp from any to 200.134.184.2 dst-port 53 via bge0
> 00650 fwd 127.0.0.1,53 udp from any to 200.134.184.2 dst-port 53 via vlan*
> 00700 allow udp from any to me dst-port 53 in via bge0
> 00700 allow udp from any to me dst-port 53 in via vlan*
> 00800 divert 8668 udp from any to any dst-port 53 via xl0
> 00900 divert 8668 ip from any to any via xl0
> 60000 allow log logamount 10000 ip from any to any
> 65535 allow ip from any to any
>
>
> Thanks,
>
> Helder
> -------------------------
> Archive: http://www.fug.com.br/historico/html/freebsd/
> Unsubscribe: https://www.fug.com.br/mailman/listinfo/freebsd
>

You can take a look at this material:
http://www.bsdsul.com.br/tutoriais_detalhe.php?cod=27&tipo=2
or this one: http://www.openbsd.org/faq/pf/pt/pools.html

-- 
Alessandro de Souza Rocha
Network and Systems Administrator
Freebsd-BR User #117

