Date: Sun, 7 Mar 2021 11:31:23 -0800 From: Ultima <ultima1252@gmail.com> To: Ludovit Koren <ludovit.koren@gmail.com> Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: PF - reply-to Message-ID: <CANJ8om5RJBD=EmzRPpD_%2BavrRgpWBNGj9NbXfyUdOKcaL00vgA@mail.gmail.com> In-Reply-To: <8635x6vli2.fsf@gmail.com> References: <8635x6vli2.fsf@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hey Ludovit, More details would be helpful. There can be a few reasons why it is not working that I can see. 1. Do you have an rdr rule to redirect to $web_addr for the pass rule? 2. Rules out of order 3. Conflicting rules. The best way to debug this would be logging the rules and watching where the traffic is going via tcpdump. Best regards, Richard Gallamore On Sun, Mar 7, 2021 at 10:58 AM Ludovit Koren <ludovit.koren@gmail.com> wrote: > > > Hi all, > > we have 2 Internet connections coming on the same interface. One is > primarily used for incoming connections and services that we provide to > Internet (web, mail). The other connection is primarily used for > browsing (cache/proxy) and DNS. There are 2 different routers. > > I am using FreeBSD 12.2-STABLE r369178 and PF. The question is which > router should I set as default router. I suppose, I can use reply-to > and/or route-to, respectively. If I use (default router $router2): > > pass in on $ext_if reply-to (bge0 $router1) inet proto tcp from any to > $web_addr port 443 keep state > > it is not working. The following setup is working (default router > $router1): > > pass out on $ext_if route-to (bge0 $router2) inet proto tcp from any to > any keep state > > Is it bug or I do not understand the manual page correctly? > > Thank you very much. > > Regards, > lk > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CANJ8om5RJBD=EmzRPpD_%2BavrRgpWBNGj9NbXfyUdOKcaL00vgA>