Date: Sat, 25 Feb 2006 02:48:21 +0200 From: "Vlad GALU" <vladgalu@gmail.com> To: freebsd-pf@freebsd.org Subject: reply-to doesn't seem to work Message-ID: <79722fad0602241648y24a4d578h23d2ea536d634210@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
I have a machine with two interfaces. On one of them there is a
webserver listening for client connections. The machine's default
route is through the other interface.
Let's assume the interfaces are called if1, if2 and that the
webserver is listening on if2.
I have a rule like this:
pass in quick on $if2 reply-to ($if2 $if2gw) inet proto tcp from
any to ($if2) port =3D 80 flags S/SA keep state.
The replies should leave the box through if2, right ? Well, they
don't. I had to add a rule like this:
pass out quick on $if1 route-to ($if2 $if2gw) inet from ($if2) to any
I can see the reply-to rule creating states, and yet it doesn't
work as advertised. Ideas, anybody ?
--
If it's there, and you can see it, it's real.
If it's not there, and you can see it, it's virtual.
If it's there, and you can't see it, it's transparent.
If it's not there, and you can't see it, you erased it.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?79722fad0602241648y24a4d578h23d2ea536d634210>