Date: Thu, 27 Oct 2016 19:23:38 +0000 From: James Morris <jamesmorris8@outlook.com> To: "freebsd-pf@freebsd.org" <freebsd-pf@freebsd.org> Subject: Re: Forcing a route using pf Message-ID: <BM1PR01MB02099B2E0C2201991837E7EA8CAA0@BM1PR01MB0209.INDPRD01.PROD.OUTLOOK.COM> In-Reply-To: <20161027142417.GI51420@home.opsec.eu> References: <BM1PR01MB020932CF4F49E57B708182A58CAA0@BM1PR01MB0209.INDPRD01.PROD.OUTLOOK.COM> <20161027140324.GH51420@home.opsec.eu> <BM1PR01MB0209A82FCDD79E7FB9616B798CAA0@BM1PR01MB0209.INDPRD01.PROD.OUTLOOK.COM>, <20161027142417.GI51420@home.opsec.eu>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi,
While this does solve the issue of pushing traffic through igb0, however an=
y income connections to igb1 from server B also get shunted out igb0.
I was wondering if there is a way to do this in pf.
This way I can say for any outbound connections to B use igb0, but if B con=
tacts me on igb1 reply with the same IP.
Further I could probably restrict outbound by tcp ports too.
Thanks for the help.
James
From: Kurt Jaeger <lists@opsec.eu>
Sent: 27 October 2016 14:24
To: James Morris
Cc: freebsd-pf@freebsd.org
Subject: Re: Forcing a route using pf
=A0 =20
Hi!
On Server A:
route add -host 10.10.10.100 10.0.0.1
On Server B:
route add -net 10.0.0.0/24 10.10.10.1
--=20
pi@opsec.eu=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 +49 171 3101372=A0=A0=A0=A0=A0=
=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 4 years to go !
=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BM1PR01MB02099B2E0C2201991837E7EA8CAA0>