NetBSD-Users archive


pf question



Hello, 

we are currently struggling with a pf configuration that we can't seem to get 
working. 

Basically, the challenge is that we have a NetBSD system acting as a router for 
a largish network. Said system has two upstream nodes ('default routes') that 
apply, depending on the IP address that we use. Basically, we have one 
broadband connection that should be used for most every (outgoing) traffic. The 
exception is that the second upstream handles a subnet that we have here, and 
all traffic to and from those addresses should, of course, be going over that 
second link. 

What we've done is added the broadband as the default route, and then had a pf 
rule to the effect of: 

pass out route-to ($ext_if_dsl $dsl_gw) proto tcp from $fixed_ip to any

But this does not work -- the packets just do not go out over the appropriate 
interface. Connecting to something on one of those IP numbers just … has a 
connection that times out. 

What am I missing? What do we need to do? 

Thank you,
 Konrad

