On Mon, Jan 31, 2011, at 18:53:29PM GMT+01:00, Patrick Lamaiziere wrote:
This does not work at all. If I change
http://www.openbsd.org/faq/pf/carp.html#RulesetTips
+ Ruleset Tips
Filter the physical interface. As far as PF is concerned, network
traffic comes from the physical interface, not the CARP virtual
interface (i.e., carp0). ;
Okay, but where goes the line between the two? I mean, does this mean
I can't use the carp-interface in the route-to at all?
pass in log on $int_if proto { tcp, udp, icmp } from $our_int_net
route-to {($ext_carp_if $ext_gw)}
I'm feeling a bit stupid now... (-:
--
Joachim
