Hello,
On Fri, Mar 23, 2018 at 03:09:45PM +1100, Rolf Loudon wrote:
> Hello
>
> I’ve had several goes at this but can’t work it out. Hoping there may be
> some assistance available. I cannot find examples I can refine online.
>
> I have two interfaces which I can use for outbound traffic. One ethernet,
> one wifi. I want to send some traffic out via a given interface depending on
> the service I’m connecting to (eg ssh via ethernet, https via wifi, etc).
> (In the past with linux iproute2 and netfilter this is pretty
> straightforward).
>
> Do I need to use route-to or is rdr the tool?
You want to use route-to.
>
> If I only wanted to choose via destination network then simple routing is
> sufficient. Adding a port decision has me stuck.
>
> Or is pf not the tool for this?
PF is the right tool if you want to make decisions by port number.
Assuming your LAN connects to the em1 interface on your router:

    pass in on em1 proto tcp from $LAN to any port = 443 route-to [ next hop ]@iwn0

The rule above sends all HTTPS traffic coming from your LAN over wifi. The
'[ next hop ]' parameter is the IP address of the next-hop router, which
forwards traffic from you towards the server. E.g., if your next hop is
10.10.10.10 then the route-to option looks as follows:

    route-to 10.10.10.10@iwn0

hope it helps
regards
sasha
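
Added example, not part of the message above: a pf.conf fragment that applies the same route-to form to both services from the original question (ssh via ethernet, https via wifi). The wired uplink em0, its next hop 192.0.2.1, the LAN prefix and the nat-to lines are assumptions made for illustration.

```conf
# Constructed pf.conf fragment. em1, iwn0 and 10.10.10.10 come from the
# message; em0, 192.0.2.1 and 192.168.1.0/24 are assumed placeholders.
LAN = "192.168.1.0/24"

set skip on lo

# Assumption: each uplink only returns traffic addressed to the router's own
# address on that link, so LAN sources are translated per egress interface.
match out on em0  inet from $LAN nat-to (em0)
match out on iwn0 inet from $LAN nat-to (iwn0)

# Default deny; logged so unexpected flows show up on pflog0.
block log all

# General LAN rule first: pf applies the LAST matching rule, so the
# per-service rules below must come after it to take effect.
pass in on em1 inet from $LAN

# Per-service next hop, decided where the packet enters from the LAN.
pass in on em1 inet proto tcp from $LAN to any port = 22  route-to 192.0.2.1@em0
pass in on em1 inet proto tcp from $LAN to any port = 443 route-to 10.10.10.10@iwn0

# Let forwarded packets leave on either uplink; state entries admit replies.
pass out on { em0 iwn0 } inet
```

The route-to syntax differs between pf versions, so check pf.conf(5) for your release and parse the file with `pfctl -nf` before loading it.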