On Tue, Feb 28, 2006 at 10:38:43AM +1300, Joshua Sandbrook wrote:
> Hello...
>
> I've got two obsd firewalls, A and B. Both are using DSL routers, plugged into
> a nic via a crossover cable... and A and B's default routes are set to the
> DSL routers. A and B are also on the same LAN.
>
> What I want to do is redirect incoming traffic from A to B, but to have B
> route it back out of A without any NAT. B will further forward the traffic on
> to internal servers. Is this possible? If so, how?
>
> Any suggestions/hints/comments welcome.
>
> Thanks,
> Josh
That's possible using a lot of rdr statements in pf.conf, but the proper solution is simple: assign the servers their own subnet (or, if this is not possible, a couple of internal IP addresses - effectively /32 subnets, after all). Then use firewall B as the router for this subnet, and tell A to route everything to B (route add 192.168.1.0/24 fwb.example.com).

Now, on B, use the reply-to option in pf.conf to route everything out of fwa.example.com.

Joachim
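A pf.conf fragment for firewall B showing the reply-to setup Joachim describes. This is an added example written for this thread, not configuration posted by either participant; the interface names and addresses are placeholders, the 192.168.1.0/24 subnet is the one from the reply, and the rule grammar is the older `reply-to ( interface address )` form (still used by FreeBSD pf; current OpenBSD releases have moved the option to the end of the rule, so check pf.conf(5) for the version in use).

```pf
# Added example, not from the thread. Placeholders (assumed values):
#   lan_if  - B's interface on the LAN shared with A
#   int_if  - B's interface toward the internal servers
#   fwa_lan - A's address on the shared LAN (the next hop for replies)
#   srv_net - the servers' subnet that A routes to B (from Joachim's reply)
lan_if  = "em0"
int_if  = "em1"
fwa_lan = "192.168.0.1"
srv_net = "192.168.1.0/24"

# On firewall A the only change is the static route from the reply, e.g.
#   route add 192.168.1.0/24 <B's address on the shared LAN>
# With no spare subnet, one /32 host route per server does the same job.

# Traffic that A has routed to B for the servers. The state created here
# records that replies must go back via A, so they are not sent out B's
# own DSL default route (which would make the flow asymmetric).
# "to $srv_net" scopes reply-to to these flows only; B's own traffic and
# connections the servers themselves originate still use B's default route.
pass in on $lan_if reply-to ($lan_if $fwa_lan) from any to $srv_net keep state

# Hand the packets on to the servers with their original addresses intact:
# no rdr or nat is involved anywhere on this path.
pass out on $int_if from any to $srv_net keep state
```

After loading it (`pfctl -f /etc/pf.conf`), `pfctl -ss` on B should show states for the server subnet whose replies leave on $lan_if, and a traceroute from outside should enter and leave through A; if replies instead appear on B's DSL interface, the reply-to rule is not the one matching the inbound packets.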