|
|
|
|
|
|
| Author |
Message |
David Magda
*nix forums Guru Wannabe
Joined: 18 Apr 2003
Posts: 187
|
 Posted: Fri Apr 01, 2005 12:13 pm Post subject:
Re: Dude about pf and route-to
|
|
|
"Pasky.Org" <pasky@SINSPAMsupercable.es> writes:
| Quote: | I think that solution would be something so...
pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from \
$ext_if2 to $mail_address port smtp
What's wrong?
|
Close. To the following web page as it explains generally how to
direct traffic to a particular interface:
http://www.openbsd.org/faq/pf/pools.html#outgoing
Try the example there first and make sure it works and you understand
it. Then get rid of the "round-robin" keyword and add the filter for
SMTP. Here are some code snippets from the web page to get things
started:
# nat outgoing connections on each internet interface
nat on $ext_if1 from $lan_net to any -> ($ext_if1)
nat on $ext_if2 from $lan_net to any -> ($ext_if2)
[...]
# load balance outgoing tcp traffic from internal network.
pass in on $int_if route-to \
{ ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
proto tcp from $lan_net to any flags S/SA modulate state
# load balance outgoing udp and icmp traffic from internal network
pass in on $int_if route-to \
{ ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } round-robin \
proto { udp, icmp } from $lan_net to any keep state
[...]
Don't bother to copy-and-paste the above code since it doesn't have
everything, but you can see that the 'route-to' is used in the 'pass
in' rule.
--
David Magda <dmagda at ee.ryerson.ca>, http://www.magda.ca/
Because the innovator has for enemies all those who have done well under
the old conditions, and lukewarm defenders in those who may do well
under the new. -- Niccolo Machiavelli, _The Prince_, Chapter VI |
|
| Back to top |
|
 |
Pasky.Org
*nix forums beginner
Joined: 01 Apr 2005
Posts: 2
|
| Posted: Fri Apr 01, 2005 3:31 am Post subject:
Dude about pf and route-to
|
|
|
Hi all.
First, im sorry for my bad english.
I had a box with three interfaces, one internal (int_if) and two external
(ext_if1 asyimmetrical and ext_if2 symmetrical). I would like to use one
external interface (asymmetrical) for general traffic and the default route is
for this inteface. On the other hand, the outgoing mail traffic (smtp) to my
mail server (external) is too high and the assymetrical line is overload.
So i want that general traffic (inbound and outgoing) use the ext_if1
asymmetrical, and only the smtp traffic, defined by an address and port rule,
must use the ext_if2 symmetrical.
I think that solution would be something so...
pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from \
$ext_if2 to $mail_address port smtp
What's wrong?
Thanks
--
Un saludo,
Pasky
Www.Pasky.Org
Www.Ayuda-IRC.Com |
|
| Back to top |
|
|
Google
|
|
| Back to top |
|
|
|
|
The time now is Thu Jan 08, 2009 12:53 pm | All times are GMT
|
|
Loans | Credit Cards | Image Hosting | Free File Hosting | Credit Report
|
|
Copyright © 2004-2005 DeniX Solutions SRL
|
|
|
|
Other DeniX Solutions sites:
Unix/Linux blog |
electronics forum |
medicine forum |
science forum |
|
|
Privacy Policy
|
Powered by phpBB © 2001, 2005 phpBB Group
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
Forum index
»
*nix
»
BSD
»
OpenBSD
