Hi,

I have set up 2 tunnels to my VPS's from an OpenBSD pppoe gateway.  Today
I wanted to switch a source route from one tunnel to the other tunnel
(at hetzner) and was dumbfounded after applying new rulesets [1], and
killing the individual states of traffic on tun0.  It didn't work so I'm
left wondering whether this is a bug.  I did a pfctl -Fstates as a last
resort and that helped move everything over.  But flushing all the
states isn't my idea of fun.

[1] this is an excerpt from my rules in /etc/pf.conf

### !!! this is the reroute to amsterdam ###
# pass in on em3 inet from any to ! 192.168.181.1 route-to (tun0 10.99.99.1)
#pass out on tun0 inet from 192.168.181.0/24 to any
#match out on tun0 inet from <rfc1916> to any nat-to (tun0)
### !!! this is the reroute to hetzner ###
pass in on em3 inet from any to ! 192.168.181.1 route-to (tun1 10.88.88.1)
pass out on tun1 inet from 192.168.181.0/24 to any
match out on tun1 inet from <rfc1916> to any nat-to (tun1)
####                                     ###

Is there a way I missed other than the pfctl -k id -k stateid, and the
pfctl -Fstate?

Cheers,

-peter
