One correction, "keep state" in the rule prevents the duplicate to $ext_if2. So to have the duplicate, it should have been like the following:
pass out log quick route-to ($ext_if2 $ext_gw2) \
proto tcp to any port smtp user _postfix

Sorry,

On Sun, 2007-01-28 at 13:03 +0200, Soner Tari wrote:
> Hi All,
>
> I'm running Postfix on OpenBSD and have multiple external links on the
> same box. I want outgoing smtp connections to be routed to ext_if2, but
> the rest to ext_if1. To achieve this, default route being ext_if1, I
> tried a couple of things:
>
> pass out log quick route-to ($ext_if2 $ext_gw2) \
> proto tcp to any port smtp user _postfix keep state
>
> Looking at pflog, this rule really tries to send packets to ($ext_if2
> $ext_gw2), but e-mails cannot be relayed (for some reason pflog reports
> that it duplicates the packets). I wasn't too hopeful anyway per the
> description of route-to in pf faq. Then again, this rule summarizes what
> I'm trying to achieve. (Or is this rule supposed to work, and I'm doing
> something else wrong?)
>
> The other option would be to set the default route to ($ext_if2
> $ext_gw2), but that's not what I want.
>
> I use route-to successfully for connections originating behind the
> firewall, but smtp connections originate from the box itself. I use
> reply-to successfully too.
>
> In short, I need something like destination-port-based routing for
> multiple links. The situation is not specific to smtp port or Postfix,
> I'd like to achieve the same for any port I wish.
>
> What are my options? What can I do in such a case?
>
> (Since I'm out of ideas and since route-to works fine, my only option
> otherwise seems like placing another OpenBSD/pf in front of this box,
> which I believe would be ugly.)
>
> This is also related to a previous thread on a similar topic.
>
> I would appreciate any help.
> Thanks,