Hi, Pardon the newbie question.
I'm running OpenBSD 3.3 on i386. I'm trying to set up a firewall between two LAN segments. In effect trying to squeeze 2 firewalls into 1 box. I have 2 internal if's and 2 external.

Several internal LANs: 10.0.0.0/24 and 10.0.1.0/24, etc.
1 external LAN: 192.168.0.0/24 (ext IPs: 192.168.0.2 192.168.0.3)
Single remote router @ 192.168.0.1

In the interest of bandwidth I'd like to route all traffic from 10.0.0.0/24 -> 192.168.0.2 and 10.0.1.0/24 -> 192.168.0.3 (There's a gigabit pipe beyond the LAN segment I can access. I can only use 100Mbit on my switch) and keep the same 1:1 relationship for requests coming in.

Several questions:

1. Will the 'route-to' statement in filter rules work here?
2. Is there a routing problem w/ both ext if's on the same subnet?
3. What is the proper way to structure a route-to/reply-to pair?
4. Is a paired set of rules necessary?

(Should I just give up and install 2 boxes, 1 for each LAN??)

Thanks,
--N
