I don't think that route-to is only for passthrough traffic :):):)
This pf config works even when traffic is originated from and to the machine ;)
:) Please read the option carefully in the example ;)

On Thu, 20 Sep 2012 13:25:50 -0400
Michael MacLeod <mikemacl...@gmail.com> wrote:

> Actually, multiple routing tables is the correct solution. I documented it
> here:
>
> http://www.mmacleod.ca/blog/2011/06/source-based-routing-with-freebsd-using-multiple-routing-table/
>
> From the post: "... But route-to and reply-to do not trump the default
> routing table for traffic that originates or terminates on the router
> itself. They are useful only for traffic passing through the router. pf can
> only make routing decisions when a packet passes through an interface. It
> can try and set the reply-to interface to be the second WAN connection when
> an inbound SSH connection is made, but neither the SSH daemon nor the
> routing table on the host know or care about the routing preferences of pf."
>
> On Thu, Sep 20, 2012 at 11:01 AM, Michael Pounov <mi...@elwix.org> wrote:
>
> > Hi, Juan
> >
> > Use pf like in that simple example:
> >
> > dsl_if = "CardA"
> > int_if = "CardB"
> > dsl_addr = "_dsl_if_ip_"
> > int_addr = "_int_if_ip_"
> > dsl_gw = "_dsl_gw_ip_"
> > int_gw = "_int_gw_ip_"
> >
> > set state-policy if-bound
> >
> > .... blah blah blah whatever rules ...
> >
> > pass out on $dsl_if route-to ($int_if $int_gw) from $int_if no state
> > pass out on $int_if route-to ($dsl_if $dsl_gw) from $dsl_if no state
> >
> > # End pf example ;)
> >
> > On Thu, 20 Sep 2012 16:16:53 +0200
> > Juan José Sánchez Mesa <juanjo.lis...@doblej.net> wrote:
> >
> > > Hi!
> > >
> > > (sorry for my bad English)
> > >
> > > I have a FreeBSD machine (8.2-RELEASE-p3). The machine has two ethernet
> > > cards, configured in this way:
> > >
> > > - Card A: internet IP address
> > > - Card B: intranet IP address
> > >
> > > Default route goes via card A.
> > >
> > > Now, on the intranet I have a "normal" DSL router. Then, using NAT I've
> > > forwarded a simple port from the DSL to the intranet IP of this machine.
> > >
> > > The incoming packets from the DSL come ok to the machine (via card B),
> > > but the outgoing packets go to card A, due to the default route.
> > >
> > > Is there a way to configure the network so that outgoing packets go to
> > > the card from which the incoming packets arrived?
> > >
> > > Or is this impossible to configure?
> > >
> > > Thanks!!!
> > >
> > > _______________________________________________
> > > freebsd-net@freebsd.org mailing list
> > > http://lists.freebsd.org/mailman/listinfo/freebsd-net
> > > To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
> >
> > --
> > Best Regards,
> >
> > Michael Pounov
> > ELWIX - embedded lightweight unix -
> >
> > WWW: http://www.elwix.org/
> > EMail: mi...@elwix.org
> > Skype: mpunov
> > XMPP: mi...@aitnet.org
> > Phone: +359 888 737358; +359 899 737358

--
Best Regards!
Michael Pounov <mi...@elwix.org>
+359 888 737358, +359 899 737358
WWW: http://www.elwix.org/
XMPP: mi...@aitnet.org
Skype: mpunov
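
For the setup in the original question, the `reply-to` form of the rule can be sketched as below. This is an added example, not configuration posted by anyone in the thread; the interface names, addresses and port are constructed placeholders. The thread disagrees on whether pf can steer replies that originate on the machine itself, so treat it as something to test rather than a settled answer.

```pf
# Added illustration; every name, address and port here is constructed.
ext_if   = "em0"             # Card A: internet side, holds the default route
int_if   = "em1"             # Card B: intranet side, where the DSL router sits
int_net  = "192.168.1.0/24"  # intranet subnet
int_addr = "192.168.1.10"    # this machine's intranet address
dsl_gw   = "192.168.1.1"     # DSL router's LAN address
fwd_port = "8080"            # port the DSL router forwards to this machine

# Connections forwarded by the DSL router arrive on $int_if with an internet
# source address. reply-to is stored in the state entry; pf.conf(5) describes
# it as routing packets that pass in the opposite direction (the replies) to
# the given interface and next hop, here the DSL router, instead of following
# the default route out of $ext_if.
pass in quick on $int_if reply-to ($int_if $dsl_gw) inet proto tcp \
    from ! $int_net to $int_addr port $fwd_port keep state

# Intranet hosts reaching the same port are on-link and need no redirection.
pass in quick on $int_if inet proto tcp \
    from $int_net to $int_addr port $fwd_port keep state
```

To see which interface the replies actually leave on, run `tcpdump -ni em1 tcp port 8080` and the same capture on `em0` while connecting from outside through the DSL router.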