Route outgoing traffic on jail
Jan Aage Knutsen
amig at amig.no
Mon Aug 10 20:30:05 UTC 2009
Hi,
I'm trying to route the outgoing traffic from a jail through another gw than
the default one set on host with pf.
The host is using internal address 192.168.10.5 and the default route is to
192.168.10.1 which is a dsl line.
The jail is using a public ip that is on a fiber line where the gw is at
the isp and not in my place. I got a /29 from them. I want this jail to use
the isp gw and not the default route.
So far I managed to get the reply-to rule to work. So traffic originating
from inet to jail works. But the inet traffic originating from the jail
still goes through the default route.
I'm also using trunking on the interface and have multiple vlans on it. And
the vlan traffic works fine. I can ping the isp1 gw from host etc.
Here is my pf config.
###############
# Variables #
###############
if_isp1="vlan2"
if_isp2="vlan1"
gw1="x.x.x.1"
gw2="192.168.21.1"
jail_ip="x.x.x.30"
###############
# Rules #
###############
#routing for isp1
pass in on $if_isp1 reply-to (vlan2 $gw1) from any to any keep state  # <- this is the rule that works..
pass out on $if_isp1 route-to ($if_isp1 $gw1 ) from $jail_ip to any  # <- tried to mess around with this rule,
Any good ideas out there? I'm also running 8.0, FYI.
Regards
Jan Aage
More information about the freebsd-questions
mailing list