From owner-freebsd-net@FreeBSD.ORG Thu Mar 20 12:50:13 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 03773106566C for ; Thu, 20 Mar 2008 12:50:13 +0000 (UTC) (envelope-from wcglist@gmail.com) Received: from wx-out-0506.google.com (wx-out-0506.google.com [66.249.82.226]) by mx1.freebsd.org (Postfix) with ESMTP id BE07D8FC20 for ; Thu, 20 Mar 2008 12:50:12 +0000 (UTC) (envelope-from wcglist@gmail.com) Received: by wx-out-0506.google.com with SMTP id i29so1089080wxd.7 for ; Thu, 20 Mar 2008 05:50:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=eQAhGTHbolReyp7Xx215xQt6i325Tz0iZWUiAx67etU=; b=JGG1qR8UOzrgTWEM/RkBzVGHw9pXzmhGeRpk76mUVGUHZns3RDaQ4nmrpQGmLzDO0lhqW/H04jObxQCj3xml9G6o2qiPxKdpcMCcofK7FsJEqSSbgwRjgVAhkdLYvypmQl7AOtsq5fcaWv0C1pu9WP1MU+v+jJrKSlXWXNjZmEg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=KYwFI/TXu8SDAESMdLwok/bY7g/UseAcP3pARY1m47t2R9BC+M3I2Q8FkD1AfBF9IrUsx7D9KYksOUDw+8hROmgXQ+6SSZRO6liEDfaoKfNT4ZY976w9x9PHR9Pyvl/z9BV1zowu2pk/v9btQItzN4PEs5Jp6dx7ha5wP20sqmU= Received: by 10.140.180.13 with SMTP id c13mr632169rvf.188.1206015853117; Thu, 20 Mar 2008 05:24:13 -0700 (PDT) Received: by 10.141.123.18 with HTTP; Thu, 20 Mar 2008 05:24:13 -0700 (PDT) Message-ID: Date: Thu, 20 Mar 2008 09:24:13 -0300 From: Wesley To: freebsd-net@freebsd.org In-Reply-To: MIME-Version: 1.0 References: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: route-to not working X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Mar 2008 12:50:13 -0000 Dear people, I have 2 links on a box, and I don't want to load balance it but, only to reply requests in the same interface that it comes. I tried to use the route-to, but it not seems to work. Could you please, give-me a help? It's my configuration: set skip on lo0 scrub on xl0 reassemble tcp no-df random-id scrub on xl1 reassemble tcp no-df random-id scrub on dc0 reassemble tcp no-df random-id nat on xl0 from 172.16.0.0/24 to any -> (xl0) static-port rdr on dc0 inet proto tcp to port 80 -> 127.0.0.1 port 3128 round-robin sticky-address antispoof quick for {xl0,dc0,xl1} block proto tcp from 172.16.0.0/24 to any port 3128 # Internal Traffic pass in quick on dc0 from any to any pass out quick on dc0 from any to any # Outgoing pass out on xl0 proto tcp all flags S/SA modulate state pass out on xl0 proto { udp, icmp } all keep state pass out on xl1 proto tcp all flags S/SA modulate state pass out on xl1 proto { udp, icmp } all keep state # Pass basic services pass in quick on xl1 proto tcp from any to any port { 22, 21, 1194 } keep state pass in quick on xl0 proto tcp from any to any port { 22, 21, 1194 } keep state pass in on xl0 proto udp from any to any port 53 pass in on xl1 proto udp from any to any port 53 # Pass VPN pass in quick on xl1 proto udp from any to port 1194 keep state pass quick on tun0 # Source nat route pass out log on xl0 route-to ( xl1 200.232.164.1 ) from xl1 to any pass out on xl1 route-to ( xl0 201.83.16.1 ) from xl0 to any # Close block return-rst in log quick on xl0 inet proto tcp from any to any block return-rst in log quick on xl1 inet proto tcp from any to any block return-icmp in log quick on xl0 proto udp from any to any block return-icmp in log quick on xl1 proto udp from any to any block in quick on xl0 all block in quick on xl1 all Best Regards, Wesley Gentine