> > Hi misc@, > > > > I have a cluster of firewall running based on pf, relayd, pfsync and > > carp. > > > > Everything works perfectly, thanks to OpenBSD and the brilliant > > developers behind it! :-) > > > > However, I've got a question where I don't seem to find the answer to > > myself: > > > > There's a public (carped) IP (set up in relayd.conf) listing on port > > 80, redirecting traffic to two web servers in the back end. > > > > Now I need an IP or IP range that is *excluded* from being load > > balanced. Traffic from this IP(s) should be redirected to only one > > (the first) of those web servers, as IP from this traffic is the web > > server admin who feeds the machines. He has to be connected to the > > same machine every time (due to some differences on the web servers > > and the 'direction' the data and databases are synced). > > pass in quick on $ext_if from <spec-ips> to $ext_web_ip rdr-to $int_web_ip > anchor "relayd/*"
That was exactly what I was searching for, thank you very much! In fact, I forgot to 'rdr' the traffic, as relayd does. Thanks again, Donald > -- > Best wishes, > Vadim Zhukov > > A: Because it messes up the order in which people normally read text. > Q: Why is top-posting such a bad thing? > A: Top-posting. > Q: What is the most annoying thing in e-mail? ;) -- Jetzt kostenlos herunterladen: Internet Explorer 8 und Mozilla Firefox 3 - sicherer, schneller und einfacher! http://portal.gmx.net/de/go/chbrowser
