Hi there,

Today I tried to set up policy routing with pf on a FreeBSD 7 server for my second internet connection but couldn't do it. My default gw is DSL and I want to use the leased line for the second connection. I do not know where the problem is.
Here is my pf.conf file:

ll="sk0"
ll_gw="212.212.1.1"
ll_ip="212.212.1.2"

dmz="sk1"
dmz_net="230.230.1.176/28"
dmz_ip="230.230.1.177"

dsl="rl0"
dsl_gw="10.1.1.1"
dsl_ip="10.1.1.2"

int="sk2"
int_net="10.10.10.0/24"
int_ip="10.10.10.1"

set optimization aggressive
set skip on lo

scrub in all

nat on $dsl from $int_net to any -> $dsl_ip

# Default block
###############
block in log all
block out log all

antispoof quick for { lo $int $ll $dsl $dmz }
pass out on $dsl inet proto tcp from $dsl to any keep state
pass out on $dsl inet proto udp from $dsl to any keep state
pass out on $ll  inet proto tcp from $ll  to any keep state
pass out on $ll  inet proto udp from $ll  to any keep state

pass in on $int inet proto tcp from $int_net to any port { http, https } flags S/SA keep state
pass in on $int inet proto udp from $int_net to any port domain keep state

pass in log on $dmz route-to($ll $ll_gw) inet proto tcp from $dmz_net to any port { http, https } flags S/SA keep state
pass in log on $dmz route-to($ll $ll_gw) inet proto udp from $dmz_net to any port domain flags S/SA keep state

Can you correct me?

Thanks

ismail
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf