On Wed, Mar 23, 2005 at 06:47:49PM -0300, Emilio Lucena wrote: > The question now is why NAT is not having its chance to rewrite the > packets with the right source IP address?
Try using 'set state-policy if-bound'. Without it, the re-routed packet cannot create a second state entry on the second interface. Enable debug logging with 'pfctl -xm' and check /var/log/messages for entries from pf. Daniel
