Dear people,
I have 2 links on a box, and I don't want to load balance it but, only to
reply requests in the same interface that it comes.
I tried to use the route-to, but it not seems to work.
Could you please, give-me a help?
It's my configuration:
set skip on lo0
scrub on xl0 reassemble tcp no-df random-id
scrub on xl1 reassemble tcp no-df random-id
scrub on dc0 reassemble tcp no-df random-id
nat on xl0 from 172.16.0.0/24 to any -> (xl0) static-port
rdr on dc0 inet proto tcp to port 80 -> 127.0.0.1 port 3128 round-robin
sticky-address
antispoof quick for {xl0,dc0,xl1}
block proto tcp from 172.16.0.0/24 to any port 3128
# Internal Traffic
pass in quick on dc0 from any to any
pass out quick on dc0 from any to any
# Outgoing
pass out on xl0 proto tcp all flags S/SA modulate state
pass out on xl0 proto { udp, icmp } all keep state
pass out on xl1 proto tcp all flags S/SA modulate state
pass out on xl1 proto { udp, icmp } all keep state
# Pass basic services
pass in quick on xl1 proto tcp from any to any port { 22, 21, 1194 } keep
state
pass in quick on xl0 proto tcp from any to any port { 22, 21, 1194 } keep
state
pass in on xl0 proto udp from any to any port 53
pass in on xl1 proto udp from any to any port 53
# Pass VPN
pass in quick on xl1 proto udp from any to port 1194 keep state
pass quick on tun0
# Source nat route
pass out log on xl0 route-to ( xl1 200.232.164.1 ) from xl1 to any
pass out on xl1 route-to ( xl0 201.83.16.1 ) from xl0 to any
# Close
block return-rst in log quick on xl0 inet proto tcp from any to any
block return-rst in log quick on xl1 inet proto tcp from any to any
block return-icmp in log quick on xl0 proto udp from any to any
block return-icmp in log quick on xl1 proto udp from any to any
block in quick on xl0 all
block in quick on xl1 all
Best Regards,
Wesley Gentine
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
