Re: traffic routing problem with two ISP's

Fri, 06 Oct 2006 16:27:28 -0700 

Hi Arnaud,

I have read that part of pf.conf, so the tcpdump was from outgoing traffic, on 
the
cable line, where it was routed to with the route-to pf rule, but I have not 
seen any
answer packets arriving on that interface, nor any blocked packets with 
listening
on pflog0.
as far as i know tcpdump it listens in front of pf on the interface, so the 
packets are
leaving with the address of that interface, shouldn't I see the answers arrive 
there
too, and at least have these seen blocked with the tcpdump on the pflog0 
interface?
at least this was what I was expecting to happen, but that I see no answer 
packets,
for some reasons I do not know, that puzzles me.

kind regards
Sebastian


Arnaud Feix <[EMAIL PROTECTED]> wrote: 
> Hi,
> 
> Your problem is coming from here (from the pf.conf man page) :
> 
> /route-to/
>            The /route-to/ option routes the packet to the specified interface
>            with an optional address for the next hop.  *When a /route-to/ rule
>            creates state, only packets that pass in the same direction as the
>            filter rule specifies will be routed in this way.  Packets passing
>            in the opposite direction (replies) are not affected and are routed
>            normally.
> 
> *
> 
> >>> 08:36:41.464966 200.200.200.2.56669 > 195.37.1.35.80: S [tcp sum ok] 
> >>> 890573453:890573453(0) win 5840 <mss 1460,sackOK,timestamp 3315468867 
> >>> 0,nop,wscale 2> (DF) [tos 0x10] (ttl 64, id 6350, len 60)
> >>> 08:36:44.464174 200.200.200.2.56669 > 195.37.1.35.80: S [tcp sum ok] 
> >>> 890573453:890573453(0) win 5840 <mss 1460,sackOK,timestamp 3315471867 
> >>> 0,nop,wscale 2> (DF) [tos 0x10] (ttl 64, id 6351, len 60)
> >>> 08:36:50.461358 200.200.200.2.56669 > 195.37.1.35.80: S [tcp sum ok] 
> >>> 890573453:890573453(0) win 5840 <mss 1460,sackOK,timestamp 3315477867 
> >>> 0,nop,wscale 2> (DF) [tos 0x10] (ttl 64, id 6352, len 60)
> >>> 08:37:02.455739 200.200.200.2.56669 > 195.37.1.35.80: S [tcp sum ok] 
> >>> 890573453:890573453(0) win 5840 <mss 1460,sackOK,timestamp 3315489867 
> >>> 0,nop,wscale 2> (DF) [tos 0x10] (ttl 64, id 6353, len 60)
_____________________________________________________________________
Der WEB.DE SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
http://smartsurfer.web.de/?mc=100071&distributionid=000000000066

Reply via email to