Hello, Stuart.
On 8 October 2009 G. 15:03:13 Stuart Henderson wrote:
> On 2009-09-25, Vadim Zhukov <persg...@gmail.com> wrote:
> > 2. Is it OK if I'll hack it to make possible even crazy rule like
> > this:
> >
> > pass in on $if1 from $a to $b rdr-to $c \
> > route-to ($if3 $gt3) reply-to ($if2 $gt2) dup-to $if4
> >
> > ... or it's not intended to be so, or it's in the work already? All
> > I want is redirecting traffic "smartly" between to uplinks in
> > different networks like:
> >
> > match in on lan to ! <all-locals> port domain \
> > route-to ($fast_if $fast_gw)
> > pass in on lan to ! <all-locals>
>
> I think both of those syntaxes should be expected to work.
There is a problem with syntax BTW: should it act on any "match",
as "tag" does, or just be saved for "pass", as, say, "rdr-to"? I think
the second is right one as it will make "dup-to" work for packets moving
in both directions, not in one as route-to/reply-to/fastroute.
> On 2009-09-25, Vadim Zhukov <persg...@gmail.com> wrote:
> > On 25 September 2009 11:49:48 Henning Brauer wrote:
> >> On 25 September 2009 08:34:03 Vadim Zhukov wrote:
> >> > So as far as I can understand, pf_rule.rdr pool is used for
> >> > route-to/reply-to/dup-to options. Now I have a few stupid
> >> > questions:
> >> >
> >> > 1. Is it intended to have only one address pool for
> >> > rdr-to/route-to/reply-to/dup-to options in the rule? Or did I
> >> > misinterpreted something?
> >>
> >> this was intended but is a bit nasty so we'll go for a seperate
> >> pool for the route stuff (route-to/reply-to/dup-to)
> >
> > Thank you very much for your reply. Should I wait for this change to
> > happen at least until 4.7 branched, or go alone? Just do not want to
> > do unneeded work.
>
> It's definitely needed work, I've talked to a few people who rely
> on route-to/reply-to and can't upgrade some systems for now (or
> worse, already upgraded).
I'm working on patch solving all that problems. It's partly working now
(as Laurent Ghigonis reported to me), but reply-to and dup-to still fail
and rdr-to is broken. Hope I'll finish the patch until end of the week,
but it depends on availability of mine free time. Then I'll just post it
to t...@.
I need to thank specially Ryan McBride and Henning Brauer: they answered
many (stupid) questions and helped me very much in producing a few other
small patches. :)
--
Best wishes,
Vadim Zhukov
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?
