On 2006/01/04 17:00, Mario Beltran wrote: > >Does adding a route to $proxy pointing to $gateway help..? > > Thank you Stuart for you response :) > Do you mean that I have to add an static route manually?
Yes (I usually add static routes in /etc/hostname.hme0, etc.) > I dont want this way, I want that packet filter can do this > > I mean that route-to and reply-to commads were create for this > situations... or I am wrong? You are right, that is what route-to/reply-to are for, but when there is no routing table entry, the packet will be rejected (destination-unreachable) before it even reaches PF. Once PF has control of the packet, route-to/reply-to will be used in preference to the static route. You could point the static route to a non-existent address if one is available (it needs to be on a directly-connected subnet, otherwise attempting to add the route will give an error). Once this is done, you might need to adjust the rules. I don't think you need tagging (unless I mis-understood what you're trying to do). "pfctl -sr -v" is useful to let you check which rules are triggered.
