From owner-freebsd-pf@freebsd.org  Thu Oct 27 14:02:13 2016
Return-Path: <owner-freebsd-pf@freebsd.org>
Delivered-To: freebsd-pf@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id AD847C15E5F
 for <freebsd-pf@mailman.ysv.freebsd.org>; Thu, 27 Oct 2016 14:02:13 +0000 (UTC)
 (envelope-from jamesmorris8@outlook.com)
Received: from COL004-OMC4S12.hotmail.com (col004-omc4s12.hotmail.com
 [65.55.34.214])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits))
 (Client CN "*.outlook.com", Issuer "Microsoft IT SSL SHA2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 70FCFED6
 for <freebsd-pf@freebsd.org>; Thu, 27 Oct 2016 14:02:13 +0000 (UTC)
 (envelope-from jamesmorris8@outlook.com)
Received: from IND01-MA1-obe.outbound.protection.outlook.com ([65.55.34.201])
 by COL004-OMC4S12.hotmail.com over TLS secured channel with Microsoft
 SMTPSVC(7.5.7601.23008); Thu, 27 Oct 2016 07:01:03 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;
 s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
 bh=7QKBl3MdlLXHb+LjBbTpdeXp8j9mNIinkkMsnHlX3VI=;
 b=UydrWJrS3MkpBaPWlwV4ijGhsM+6h1RvE87bDtQUogS3Jqsm7EgeHU0wZW0PygRaX/jJfkoZhoFz0VQuLkypEbXEg/Z5HJJYqd8oKBeJFNwHol3x73LM2k6n3FqBk6J6kjTOn8lYFQdFKnWxaqkI/15HizyG9ytUM0euu0SVLtnVfFzk43+aiPZNvyBXKp2xBmgzy3JLETSXb/08Mtnyf+wcCpeunbeey3FEPviLj326V9MSLmkkv1RBqt9HV5+AorCbRlDWxDpX3wP6P1DR1YGwEwfeLXfzEBly9crqEQnbV3f3jS0hIqYU6aTaCY8oZHE4ga24o+ly20x3LGzm6A==
Received: from MA1IND01FT007.eop-IND01.prod.protection.outlook.com
 (10.152.200.55) by MA1IND01HT011.eop-IND01.prod.protection.outlook.com
 (10.152.200.104) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.679.5; Thu, 27 Oct
 2016 14:00:58 +0000
Received: from BM1PR01MB0209.INDPRD01.PROD.OUTLOOK.COM (10.152.200.53) by
 MA1IND01FT007.mail.protection.outlook.com (10.152.200.110) with Microsoft
 SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.679.5 via Frontend
 Transport; Thu, 27 Oct 2016 14:00:58 +0000
Received: from BM1PR01MB0209.INDPRD01.PROD.OUTLOOK.COM ([10.164.129.147]) by
 BM1PR01MB0209.INDPRD01.PROD.OUTLOOK.COM ([10.164.129.147]) with mapi id
 15.01.0679.015; Thu, 27 Oct 2016 14:00:58 +0000
From: James Morris <jamesmorris8@outlook.com>
To: "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org>
Subject: Forcing a route using pf
Thread-Topic: Forcing a route using pf
Thread-Index: AQHSMFptebiwBmt7E0CVr/XEeKg/dw==
Date: Thu, 27 Oct 2016 14:00:58 +0000
Message-ID: <BM1PR01MB020932CF4F49E57B708182A58CAA0@BM1PR01MB0209.INDPRD01.PROD.OUTLOOK.COM>
Accept-Language: en-GB, en-US
Content-Language: en-GB
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator: 
authentication-results: freebsd.org; dkim=none (message not signed)
 header.d=none;freebsd.org; dmarc=none action=none header.from=outlook.com;
x-tmn: [DXHhsDktvvMy0ULFY04FVxU5gV4tq7gkV5rJSXqQmDE=]
x-eopattributedmessage: 0
x-microsoft-exchange-diagnostics: 1; MA1IND01HT011;
 6:edFVY4KU3/hXL07DSPPOfPpsHeagdnT2uLxx0FtQd22OolFe0nxxMpF06NQoFhCJyaOIYzJE8NSNBX3DXINIa786vKl+1T5WDABes+M3OXae+2HIbstgY0TIt/mfuj9VYxRlujiu+CrMGG26dCOilM9QXv2gOf2YyfvFigPfgiKWqcMSbMWJ6c1fCG4eEoeQaQMNt+HObmgLqZlRohUnG0CthR7UoLsBpMBzaOjVjgZmvqrzGBjCq/atccEWNYU3iqyqYoq6bPXL7N7BoMXjUCFXLrN9koJFGGSJ1sjsW8PieeJ4C/RqOdKwZwh0Kdc5;
 5:w/kwR1BmA1G45lNjr1dtRXoVI/8aQo2QkiWsuykaMoYuDnTe+sqO4OQ6Z2wl/pc0SXbXfWTAwRnCZRunNHRhT+vgrNnznc1QG0zSmEH87u2IP1V5OX4b+d35y+rtal0xX8lqIxJnuaHSexVVncnIAA==;
 24:CZWpsC2SQfPRNHGHKbft7GZSyuyLVfDk9VTw/gqZXcSdee8TxJ38+eEfmGgthukc3t/4irmfn0ps6++hCVKGE0W+QnY9U0W/Y/2vXZ86ybI=;
 7:Gzy1D3VRpyScEx0l0HaxnmANVnrwpB3xDrTNBmt4ivwjHgW/8TzQp1Q5qfbHL1DLh6aKACWAaTr+qDeUIY7UDgcIkXIz213gcqtyjEdDZzVR/tX+3X/0M4IEfY4sbY2XfFBulwXlJIEJuHQuJL4aobpQ/qZms3aSwmDm9jIj6WBDzj18sI7+OWEQUq38Df5S3rd8YVxntqBJyMCEX7XxuzIB3EKWkTmLjidVxNzsjMkQ4N6uDGTWUb9/02V1pDHEucyG3XKauRqu3KXMUF38xWUoXnOruPbtYQDZd5AukzJ8q2euynNO+OuxULDqw1ywKfSx/CfIbZq2vu+7VtiNKbVoJx296mvUhb9rqZy2m6Q=
x-forefront-antispam-report: EFV:NLI; SFV:NSPM; SFS:(10019020)(98900003);
 DIR:OUT; SFP:1102; SCL:1; SRVR:MA1IND01HT011;
 H:BM1PR01MB0209.INDPRD01.PROD.OUTLOOK.COM; FPR:; SPF:None; LANG:en; 
x-ms-office365-filtering-correlation-id: 8f5ce50d-dd19-4609-ec03-08d3fe71ad5b
x-microsoft-antispam: UriScan:; BCL:0; PCL:0;
 RULEID:(1601124038)(1603103081)(1603101340)(1601125047); SRVR:MA1IND01HT011; 
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0;
 RULEID:(432015012)(102415321)(82015046); SRVR:MA1IND01HT011; BCL:0; PCL:0;
 RULEID:; SRVR:MA1IND01HT011; 
x-forefront-prvs: 0108A997B2
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
MIME-Version: 1.0
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Oct 2016 14:00:58.1793 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MA1IND01HT011
X-OriginalArrivalTime: 27 Oct 2016 14:01:03.0474 (UTC)
 FILETIME=[8E004D20:01D2305A]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.23
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Oct 2016 14:02:13 -0000

Hi,

I have a FreeBSD server (A) with 2 NICs

Each NIC is connected to a different network:
igb0: 10.0.0.10/24
igb1: 10.10.10.10/24
The default gateway on the server is 10.0.0.1

The two networks can communicate using a router (10.0.0.1).

I have a server (B) running on 10.10.10.100 which only allows incoming conn=
ections from 10.0.0.0/24 (not 10.10.10.0/24).

When my FreeBSD server A attempts to connect to server B it uses the closes=
t IP and goes through igb1 which is dropped by B.

Is there a way to force all (or some) outbound traffic to use igb0?

I have attached a small network diagram to illustrate my setup.

Thanks,

James