route-to rule.
Stephane Raimbault
segr at hotmail.com
Mon Jan 24 14:26:34 PST 2005
I have a FreeBSD box with 2 wan interfaces, 1 lan interface and 1 tun
interface.
I have pf set up so that 10.1.0.64/26 and 10.1.0.128/25 go out our second wan
interface like this:
nat on $ext_if1 from $internal_net to any -> ($ext_if1)
nat on $ext_if2 from $internal_net to any -> ($ext_if2)
pass in on $int_if route-to ($ext_if2 $ext_gw2) from { 10.1.0.64/26 , 10.1.0.128/25 } to any
pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any
pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any
However, any traffic destined to 10.0.0.0/26 accessible via the tun0
interface doesn't get routed as I'm guessing it goes out to the 2nd wan
interface ( $ext_if2 ).
I've tried modifying the pass in line like this:
pass in on $int_if route-to ($ext_if2 $ext_gw2) from { 10.1.0.64/26 , 10.1.0.128/25 } to { 0.0.0.0/0, !10.0.0.0/26 }
However it did not work. Any suggestions on this?
thanks,
stephane.
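
Added example, not part of the original message: a pf.conf fragment showing how pf expands the negated list in the rule above and one table-based way to exempt 10.0.0.0/26 from route-to. The interface names, the gateway address and the policy_src and via_wan2 names are constructed placeholders; the macro names $int_if, $ext_if2 and $ext_gw2 are from the post.

```pf
# --- Macros (names from the post; values are constructed placeholders) ---
int_if     = "em0"
ext_if2    = "em2"
ext_gw2    = "192.0.2.1"
policy_src = "{ 10.1.0.64/26, 10.1.0.128/25 }"   # hypothetical helper macro

# --- Table: everything except the network behind tun0 ---
# A table lookup picks the most specific entry, so an address in
# 10.0.0.0/26 hits the negated entry and does NOT match <via_wan2>.
table <via_wan2> const { 0.0.0.0/0, !10.0.0.0/26 }

# --- Rule as posted (left commented out) ---
# pass in on $int_if route-to ($ext_if2 $ext_gw2) \
#     from $policy_src to { 0.0.0.0/0, !10.0.0.0/26 }
#
# pf expands every brace list into separate rules, one per item:
#   ... from 10.1.0.64/26  to 0.0.0.0/0        <- matches 10.0.0.0/26 as well
#   ... from 10.1.0.64/26  to ! 10.0.0.0/26
#   ... from 10.1.0.128/25 to 0.0.0.0/0        <- matches 10.0.0.0/26 as well
#   ... from 10.1.0.128/25 to ! 10.0.0.0/26
# The "to 0.0.0.0/0" rules still match packets bound for 10.0.0.0/26,
# so those packets keep being sent to $ext_gw2 on the second wan link.

# --- Table-based form ---
# Only destinations outside 10.0.0.0/26 are policy-routed. Packets for
# 10.0.0.0/26 do not match this rule and follow the kernel routing table
# (and whatever other rules the ruleset applies to them).
pass in on $int_if route-to ($ext_if2 $ext_gw2) \
    from $policy_src to <via_wan2>

# With a single excluded network, a plain negation also avoids the list:
# pass in on $int_if route-to ($ext_if2 $ext_gw2) \
#     from $policy_src to ! 10.0.0.0/26
```

Running `pfctl -nvf` on the ruleset file parses it without loading it and prints the rules as pf expanded them, which makes the per-item expansion of a brace list visible.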