On Jan 10, 2004, at 12:31 AM, Albert Rybalkin wrote:
Just wondering why the following rule gives me a syntax
error in "route-to" part:
pass out quick on $ext_if route-to (fxp0:0) proto udp \
from any to any keep state queue dns
What I'm missing here?
Thanks,
--
Albert Rybalkin
Hi Albert!
Yeah the first time I had to use route-to it took me a bit to grok it.
You need to alter your line just a tad. It's pretty close.
Here's an example from a config I just did recently:
pass in quick on $LAN_IF route-to \
{ ($WAN_IF_0 $WAN_GW_0), ($WAN_IF_1 $WAN_GW_1) } round-robin \
After the route-to is where you throw your line break. Then add the interface(s).
Does that clear it up for you?
Ahh, I spoke too soon... sorry. Please disregard
my previous response.
Here's what I have now:
"fxp0:0" gives "routeto: unknown interface fxp0:0"
"(fxp0)" and "(fxp0:0)" both give "syntax error"
Only "fxp0" works, but that's not what I wanted.
What I'm looking to is something like "(fxp0:0)"
syntax for "route-to". I might be out of whack here,
but here's my problem:
I have a dhcp-leased address assigned to fxp0 by my
ISP and an alias in private address space for my own
routing. What I want to use is some sort of pf rule
that would force certain outgoing packets (based on
filtering criteria) to have their source address set
to dhcp-leased address, i.e. something like "(fxp0:0)".
Right now when these packets are sent, they have
a source address == alias address of fxp0 which is
no good.
I thought that "route-to" would help me with that,
but apparetly it doesn't.
Is there a way to implement something like this
with pf?
Thanks, -- Albert Rybalkin
