On Oct 20, 2006, at 3:22 PM, Brian Hawk wrote:
No, you are wrong. Packet will be forwarded to default gateway
through the interface which is on same network with it. You need
some kind of policy routing. I'm not very familiar with ipf but
with pf you can do:
Unfortunately it doesn't go thru the interface which has Src IP
address same as with it. But goes thru the default gateway. But
since the Src IP address in the IP packet is 184.108.40.206, all
TCP replies come from the right interface (xl1) which makes sense
because the devices on the internet wouldn't make the same mistake.
pass out on $ext_if0 route-to ($ext_if1 $ext_gw1) inet from $ext_if1 to any
pass out on $ext_if1 route-to ($ext_if0 $ext_gw0) inet from $ext_if0 to any
A "fwd" cannot solve my problem because it likes to forward packets
to a certain IP addr or an IP:port, which is not what I want. I
just need to forward (or rather route) them thru an "interface".
Again, I still think this is what FreeBSD should really be doing
for packets which have interface's IP as Src IP addr in the IP
or with ipfw you can use "fwd" rule action.
The source address of a packet is irrelevant to normal routing; only
the destination matters.
Unless you set up a routing daemon which implements other policies,
the FreeBSD TCP/IP stack uses only the destination address to do a
lookup in the kernel's routing table, using the most precise matching
route, or the default route if one is present and no other route is
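The destination-only lookup described in the last reply, with the source-based override that the quoted pf route-to rules add on top of it, as an added example that is not part of the original thread. The interface name xl0, all addresses (documentation ranges) and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed two-uplink host; addresses are documentation ranges, not from the thread.
IFACES = {
    "xl0": {"addr": "192.0.2.10", "gw": "192.0.2.1"},
    "xl1": {"addr": "198.51.100.10", "gw": "198.51.100.1"},
}
# Routing table: (prefix, interface, next hop or None when directly connected).
ROUTES = [
    ("192.0.2.0/24", "xl0", None),
    ("198.51.100.0/24", "xl1", None),
    ("0.0.0.0/0", "xl0", "192.0.2.1"),  # default route
]


def kernel_lookup(dst):
    """Destination-only lookup: the most specific matching prefix wins.
    The source address is never consulted."""
    d = ipaddress.ip_address(dst)
    best = None
    for prefix, ifname, nexthop in ROUTES:
        net = ipaddress.ip_network(prefix)
        if d in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, ifname, nexthop)
    if best is None:
        raise LookupError("no route to " + dst)
    # A directly connected destination is its own next hop.
    return best[1], best[2] or dst


def policy_lookup(src, dst):
    """Kernel lookup followed by a source-based override in the spirit of
    the quoted route-to rules: a packet about to leave one interface while
    carrying the other interface's address is sent via that interface's
    gateway instead."""
    out_if, nexthop = kernel_lookup(dst)
    for ifname, cfg in IFACES.items():
        if src == cfg["addr"] and ifname != out_if:
            return ifname, cfg["gw"]
    return out_if, nexthop


if __name__ == "__main__":
    # Packet sourced from xl1's address, destined off-link.
    print(kernel_lookup("203.0.113.5"))
    print(policy_lookup("198.51.100.10", "203.0.113.5"))
```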