Thanks a lot Patrick, it was really to the point!
>From man pf.conf:
reply-to
The reply-to option is similar to route-to, but routes packets
that
pass in the opposite direction (replies) to the specified
interface. Opposite direction is only defined in the context of a
state entry, and reply-to is useful only in rules that create
state. It can be used on systems with multiple external
connections to route all outgoing packets of a connection through
the interface the incoming connection arrived through (symmetric
routing enforcement).
Two simples lines in pf.conf did the trick:
pass in on vlan1 all keep state reply-to {(vlan1 CC.DD.200.1)}
pass in on vlan10 all keep state reply-to {(vlan10 AA.BB.57.161)}
If I may add a comment, coming from the debian world, I'm really
impressed by how simple the instructions are for configuring OpenBSD.
3-4 lines of config on debian are usually reduced to just one in
OpenBSD. Really impressive!
Thanks again,
GFK's
2011/11/8 Patrick Lamaiziere <[email protected]>
>
> Le Tue, 08 Nov 2011 15:27:02 -0500,
> Guillaume Filion <[email protected]> a C)crit :
>
> > Hi all,
>
> Hello,
>
> > I also tried using pf route-to but that seems to only work with
> > NAT...
>
> No it does routing. I use it without nat.
>
> > So basically my question is how to tell OpenBSD to send packets to the
> > interface they came from?
>
> See reply-to
>
> Regards.
--
http://guillaume.filion.org/
