.. > I have two network interfaces on the same lan, and I > want to redirect incoming traffic to port 80 on both > interface to port 8081, here is what it looks: > > eri0: 172.16.0.201 > rf0: 172.16.0.214 > > rdr rf0 from 172.16.0.0/16 to any port = 80 -> > 172.16.0.214 port 8081 tcp > rdr eri0 from 172.16.0.0/16 to any port = 80 -> > 172.16.0.201 port 8081 tcp > > Let's say that eri0 is the fist route in the Solaris > routing table, all traffic that goes in rf0 will be > NAted but since the route of eri0 matches before, the > packets coming back to my clients are sent on eri0, > causing IPFilter not to recognize the connexion...
What I think you need to do is define a virtual interface in pfil. This is done like this: ndd -set /dev/pfil qif_ipmp_set web0=rf0,eri0 Then choose one address as the destination in a rule like this: rdr web0 from 172.16.0.0/16 to any port = 80 -> 172.16.0.214 port 8081 tcp Darren
