Hello list,

I have an OpenBSD box with 4.5 connected to two carriers, to one via DHCP and to the other statically configured. Now I tried to change my rule set from route-to/reply-to syntax to rtable usage.

Up to now I added my statically configured gateway with "route add default $GW -mpath" so the dhclient-script only adds an additional default route. The following rule worked:

$ext1 = static configured as for $ext1_gw

pass in on $ext1 reply-to ($ext1 $ext1_gw) inet proto tcp to ($ext1) port ssh flags S/SA keep state \
    (max-src-conn-rate 3/30,overload <ssh-bruteforce> flush global, pflow)

Now I moved the static gateway to routing table 1 with "route -T 1 add default $GW" and changed my rule to:

pass in on $ext1 inet proto tcp to ($ext1) port ssh flags S/SA keep state \
    (max-src-conn-rate 3/30,overload <ssh-bruteforce> flush global, pflow) rtable 1

But as soon as I run "dhclient $ext2" I can't log on via SSH to the statically configured address, so I guess the reply packets are not routed via rtable 1.

What am I missing, or what have I misunderstood?

Thanks for your clarification.

Regards
Uwe