Date: Fri, 27 Aug 2010 11:09:16 -0700 From: Doug Hardie <bc979@lafn.org> To: Patrick Lamaiziere <patfbsd@davenulle.org> Cc: freebsd-questions@freebsd.org Subject: Re: Routing Question Message-ID: <2D2B914E-B6FA-43CF-9741-559D74D43B9E@lafn.org> In-Reply-To: <20100827140713.41391a3e@davenulle.org> References: <96E6F9A3-49F5-4C55-8248-6D62717636DF@lafn.org> <20100827140713.41391a3e@davenulle.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 27 August 2010, at 05:07, Patrick Lamaiziere wrote: > Le Thu, 26 Aug 2010 18:17:19 -0700, > Doug Hardie <bc979@lafn.org> a =E9crit : >=20 >> PF's route_to will return the packets to the proper router, but I = have not >> been able to figure out which ones those would be. The source IP >> address can be any on either network and its highly likely that we >> will see packets from the same source network on both at the same >> time. The only distinction I see in the input packets between the >> two paths is the MAC address of the router. I don't see any way in >> pf or the system to use that to affect the return path >> though. >=20 > the filter option "reply-to" looks to be what you need. It works by > keeping the state of a connection (see pf.conf(5)). That works great on the output if you can figure out which packets to = use it on. The only way I can see to separate the traffic is using the = router MAC address. I don't find anything in pf that will look at that.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2D2B914E-B6FA-43CF-9741-559D74D43B9E>