I have a multihomed firewall, and I want to do the following:
Inside Server --> Firewall --> TUN0 -> WORLD
The default gw of the fwall is not the tun0 device.
The idea is to force a single protocol (ssh) to use the VPN behind the tun device to reach the internet instead of the default gw of the firewall. There is no way of predicting what the IP on the other end will be, so ip route is a no go.
Is there a way to do this with fwbuilder?
Any idea if this is possible? Many thanks!!
Linux Advanced Routing HOWTO explains how to do this: http://lartc.org/howto/
fwbuilder can only help you build netfilter / iptables rules to mark packets (section 11 of the HOWTO).
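The mark-then-route approach from the reply above, as an added example that is not part of the original posts: a netfilter rule marks forwarded ssh packets, and an `ip rule` sends marked packets to a routing table whose default route is the tun device. The LAN interface name `eth1`, mark value `22` and table number `100` are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: emit the fwmark policy-routing commands for one forwarded
# protocol. Interface names, mark and table number are illustrative assumptions.

# policy_route_cmds LAN_IF TUN_IF PORT MARK TABLE
# Prints the commands only; nothing changes until the output is run as root.
policy_route_cmds() {
    lan_if=$1 tun_if=$2 port=$3 mark=$4 table=$5

    # The output is meant for a root shell, so accept only plain names/numbers.
    for i in "$lan_if" "$tun_if"; do
        case "$i" in
            ''|*[!A-Za-z0-9_-]*) echo "bad interface name: $i" >&2; return 1 ;;
        esac
    done
    for n in "$port" "$mark" "$table"; do
        case "$n" in
            ''|*[!0-9]*) echo "not a decimal number: $n" >&2; return 1 ;;
        esac
    done

    cat <<EOF
iptables -t mangle -A PREROUTING -i $lan_if -p tcp --dport $port -j MARK --set-mark $mark
ip rule add fwmark $mark table $table
ip route add default dev $tun_if table $table
sysctl -w net.ipv4.conf.$tun_if.rp_filter=2
EOF
    # Line 1: mark forwarded packets arriving from the inside network
    #         (PREROUTING runs before the routing decision).
    # Line 2: marked packets consult the extra table instead of main.
    # Line 3: that table holds only a default route out of the tun device,
    #         so the destination address never needs to be known.
    # Line 4: loose reverse-path filtering, so replies arriving on the tun
    #         device are not dropped because main routes elsewhere.
}

# Review the output first; set APPLY=1 (as root) to run it.
if [ "${APPLY:-0}" = 1 ]; then
    policy_route_cmds eth1 tun0 22 22 100 | sh -e
fi
```

After applying, `ip rule show` should list the fwmark rule and `ip route show table 100` the default route via the tun device; all other traffic keeps using the firewall's normal default gateway.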