Routing Question
Doug Hardie
bc979 at lafn.org
Fri Aug 27 18:09:21 UTC 2010
On 27 August 2010, at 05:07, Patrick Lamaiziere wrote:
> Le Thu, 26 Aug 2010 18:17:19 -0700,
> Doug Hardie <bc979 at lafn.org> a écrit :
>
>> PF's route_to will return the packets to the proper router, but I have not
>> been able to figure out which ones those would be. The source IP
>> address can be any on either network and its highly likely that we
>> will see packets from the same source network on both at the same
>> time. The only distinction I see in the input packets between the
>> two paths is the MAC address of the router. I don't see any way in
>> pf or the system to use that to affect the return path
>> though.
>
> the filter option "reply-to" looks to be what you need. It works by
> keeping the state of a connection (see pf.conf(5)).
That works great on the output if you can figure out which packets to use it on. The only way I can see to separate the traffic is using the router MAC address. I don't find anything in pf that will look at that.
More information about the freebsd-questions
mailing list