I have seen different opinions on this matter: what should be used for policy routing? pass or block?
There are two situations: (1) policy routing on receive, like pass in quick on xl0 out to xl1:1.2.3.4 from any to any block in quick on xl0 out to xl1:1.2.3.4 from any to any (2) policy routing on send (only option for locally generated packets) pass out quick on xl0 out to xl1:1.2.3.4 from 2.2.2.2 to any block out quick on xl0 out to xl1:1.2.3.4 from 2.2.2.2 to any [this is assuming that 2.2.2.2 is a local ip that should be routed via 1.2.3.4, and xl0 would be the default route, which we do not want to use] So, which is right for each case? pass, block, or a combination thereof? Thank you Alex ------------+------------------------------------------------------- Alex Popa, | "Computer science is no more about computers than [EMAIL PROTECTED]| astronomy is about telescopes" -- E. W. Dijkstra ------------+------------------------------------------------------
