Hello to all, I'm trying to setup a Multiwan OpenBSD firewall. I need to use Squid but I cannot setup with rdr and round-robin.. Whe I config rdr options never goes out for WWW... I paste my config .. One ISP it's default gw , I need to do this becouse FTP trought Nat and round-robin doesn't works.. But with this setup works fine. With round-robin I get loadbalancing for web surfing.. but with rdr not works.. =BFsomeone know why?
an_net =3D "192.168.10.0/24" int_if =3D "re0" ext_if1 =3D "em0" ext_if2 =3D "em1" ext_if3 =3D "re1" ext_gw1 =3D "192.168.4.1" #a ext_gw2 =3D "192.168.3.1" #b ext_gw3 =3D "192.168.1.1" #c Default GW /etc/mygate set limit frags 30000 set reassemble yes match in all scrub ( no-df random-id ) set skip on lo # Nat Definitions nat on $ext_if1 from $lan_net to any -> ($ext_if1) nat on $ext_if2 from $lan_net to any -> ($ext_if2) nat on $ext_if3 from $lan_net to any -> ($ext_if3) # Block and log all by default block log (all) pass out on $int_if from any to $lan_net pass in quick on $int_if from $lan_net to $int_if # FTP nat-anchor "ftp-proxy/*" rdr-anchor "ftp-proxy/*" rdr pass on ! egress proto tcp to port { ftp, 9021 } -> 127.0.0.1 port 8021 anchor "ftp-proxy/*" pass in quick on $int_if route-to { ( $ext_if3 $ext_gw3 ) } proto { tcp, udp } from any to any port 21 keep state pass in quick on $int_if route-to { ( $ext_if3 $ext_gw3 ) } proto { tcp, udp } from any to any port 9021 keep state pass out quick on $ext_if3 pass in on $int_if route-to \ { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \ proto tcp from $lan_net to any port http pass in on $int_if route-to \ { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \ proto {udp, icmp} from $lan_net to any keep state pass out quick on {$ext_if1, $ext_if2} proto tcp from any to any keep state # TCP pass out quick on {$ext_if1, $ext_if2} proto {udp, icmp} from any to any keep state # UDP pass out quick on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any keep state pass out quick on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any keep state