tech-net archive


ipfilter quirk



Hi,

I've noticed a quirk with ipfilter which I don't recall existing before. If one has an interface, say wm0, which has an address and an alias, and one wants to switch between default gateways which are reached by either the address or the alias, that works fine.

If one uses ipfilter's NAT and expects traffic to be rewritten to the default gateway currently in use, it doesn't work, even after ipf -y and reloading NAT rules. Even explicitly using NAT rules like this doesn't work:

map wm0 10.0.0.0/24 -> (aliasaddress)/32

So, NAT rewrites to the original, non-alias address regardless of the NAT rules or the actual gateway in use. However, this works:

route delete default
ifconfig wm0 delete (removes mainaddress)
ifconfig wm0 delete (removes aliasaddress)
ifconfig wm0 inet (aliasaddress) netmask x.x.x.x
ifconfig wm0 inet (mainaddress) netmask x.x.x.x alias
route add default (aliasaddress' default gateway)

After this, ipfilter's NAT rewrites to the alias address.

Is this behavior expected? Is there some better way to switch?

Thanks,
John Klos
--
I seriously doubt that ANY email client will ever duplicate the
functionality of Outlook. Its ability to run foreign code is unparalleled.
Even if someone can duplicate that, building a security system into Unix
to allow the email client to have unfettered access to all of the system's
resources is a daunting task in itself, and could take years to duplicate.
	- John Klos

