hi,
I need trivial thing but wondering where am I wrong ... :(
help please
I have two WAN interfaces: wan1 and wan2
wan1 is default route interface, wan2 is dedicated for DVR (video)
I'm trying to direct all output from DVR to wan2 (here I do not care of
where a request to DVR came from, I want all replies to go out trough wan2)
so, I hoped to do that with this pf.config
---[ start ]
if_wan1 = "em0"
if_wan2 = "igb0" # ip address A.B.C.D
gw_wan2 = "E.F.G.H"
if_dvr="vlan123"
table const { 10.0.0.0/24 }
# redirect all requests on wan2 to DVR host1
rdr pass on $if_wan2 proto { tcp, udp } to ($if_wan2) port 1234 -> 10.0.0.1
port 5678
nat log on $if_wan2 from to any -> ($if_wan2)
...
pass in log on $if_dvr route-to ($if_wan2 $gw_wan2) from to any keep state
---[ stop ]
as results,
I see requests from world on $if_wan2
I see redirects of the requests, out packets on $if_dvr
I see replies to the requests, in packets on $if_dvr
but I see ($if_wan2) sourced replies, and I see them on *$if_wan1*
so, as I understand ... route-to works, otherwise replies wouldn't be
from ($if_wan2)
but nated replies appears on $if_wan1 what is default route ... so
... how can I have replies go out through $if_wan2? is it question of
the second routing table?
please, advise
--
Zeus V. Panchenko jid:z...@im.ibs.dn.ua
IT Dpt., I.B.S. LLC GMT+2 (EET)
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"