Dima Dorfman wrote:
I don't think it ever worked the way you described. The source IP
address doesn't usually affect how replies will be routed on the way
out.
Then what would be the reason to bind a connection to a specific source
address? We do
ping -S A.B.C.D x.y.z.t
to make ping send packets to x.y.z.t over A.B.C.D's interface (and
source address) or
telnet -s A.B.C.D x.y.z.t
I believe binding an IP's source address to an interface address
(instead of INADDR_ANY) is to make packets go out from *that* interface,
not the default gw.
You can fix this with policy routing rules. Here's an example with PF:
: pass out quick route-to ($other_if $other_gw) from ($other_if)
I really am an ipfilter fan. It's greate that pf support this. But I
think ipfilter doesn't yet. At least not the version I'm using (v3.4.35).
-Brian
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
