On 2/14/07, Frans Haarman <[EMAIL PROTECTED]> wrote:
When routing packets to another interface, is it then possible to do redirection
for those packets on the other interface?

I am trying to:
- route subnets to a tunnel
- redirect the subnets to private ip

10.100.1.1 ----> bge0 --- route-to ---> tun0 --- rdr 10.100.1.1 -> 192.168.1.1

I am seeing mostly

2007-02-14 15:29:43.043821 rule 1/0(match): pass out on tun0: 172.16.11.24 > 10.100.1.1: ICMP echo request, id 512, seq 20225, length 40

So no rdr. It's probably supposed to work like this, but I lack some pf
understanding, I guess... If someone could drop some hints it would be nice.

Test box is FreeBSD btw. If the above setup will work on OpenBSD with
multiple routing tables, etc, etc, please let me know.


#Redirect 10.100.1.1 to CLIENT_A's 192.168.1.1
rdr on bge0 from any to 10.100.1.1 tag CLIENT_A -> 192.168.1.1

#Do nat on CLIENT_A tunnel
nat on tun0 from any to 192.168.0.0/16 -> tun0

#Pass packets for CLIENT_A to their tunnel
pass in log on bge0 route-to tun0 tagged CLIENT_A keep state

This seems to work! I am quite happy with it.

Cheers,
Gr. FH
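
A simplified Python model of the translation order the message ran into, added here as an illustration (not code from the original post and not pf itself). It assumes rdr rules are consulted only for packets arriving on the named interface and nat rules only for packets leaving it, takes the first attempt to have been an rdr bound to tun0 as the diagram suggests, and uses 192.0.2.1 as a constructed placeholder for tun0's address.

```python
# Simplified model of pf translation order (old rdr/nat syntax); not pf itself.
# Assumption: rdr is consulted only for packets coming IN on its interface,
# nat only for packets going OUT on its interface.
from collections import namedtuple
from ipaddress import ip_address, ip_network

Packet = namedtuple("Packet", "src dst tag", defaults=[""])
# rdr on <iface> from any to <match_dst> [tag <tag>] -> <new_dst>
Rdr = namedtuple("Rdr", "iface match_dst new_dst tag", defaults=[""])
# nat on <iface> from any to <to_net> -> <new_src>
Nat = namedtuple("Nat", "iface to_net new_src")
# pass in on <iface> route-to <out_iface> [tagged <tagged>]
RouteTo = namedtuple("RouteTo", "iface out_iface tagged", defaults=[""])

def forward(pkt, in_iface, rdrs, nats, routes):
    """Return (out_iface, packet) as it would leave the box, or (None, pkt)."""
    for r in rdrs:                                   # inbound translation
        if r.iface == in_iface and pkt.dst == r.match_dst:
            pkt = pkt._replace(dst=r.new_dst, tag=r.tag)
            break
    for rt in routes:                                # filter rule with route-to
        if rt.iface == in_iface and rt.tagged in ("", pkt.tag):
            for n in nats:                           # outbound translation: nat only
                if n.iface == rt.out_iface and ip_address(pkt.dst) in ip_network(n.to_net):
                    pkt = pkt._replace(src=n.new_src)
                    break
            return rt.out_iface, pkt
    return None, pkt

TUN_ADDR = "192.0.2.1"                       # constructed placeholder for tun0's address
NATS = [Nat("tun0", "192.168.0.0/16", TUN_ADDR)]
PING = Packet("172.16.11.24", "10.100.1.1")  # addresses from the logged packet

def rdr_on_tun0():   # assumed first attempt: rdr bound to the outgoing interface
    return forward(PING, "bge0", [Rdr("tun0", "10.100.1.1", "192.168.1.1")],
                   NATS, [RouteTo("bge0", "tun0")])

def rdr_on_bge0():   # the working rules: rdr + tag on ingress, route-to on tagged
    return forward(PING, "bge0", [Rdr("bge0", "10.100.1.1", "192.168.1.1", "CLIENT_A")],
                   NATS, [RouteTo("bge0", "tun0", "CLIENT_A")])

if __name__ == "__main__":
    print(rdr_on_tun0())   # leaves tun0 untranslated, like the logged echo request
    print(rdr_on_bge0())   # destination rewritten on ingress, then nat matches on tun0
```

In the model the tun0-bound rdr never fires, so the destination stays 10.100.1.1 and the nat rule's `to 192.168.0.0/16` match fails as well, which is consistent with the untranslated source and destination in the log line.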
