Well, I thought I had this issue worked out, but my pf rules aren't
evaluating as I expected them to:
PF Rules: (rule number prepended, these are the _last_ 6 lines in my pf.conf)
39:pass out quick log on em0 from 172.16.0.1 route-to (em0 192.168.0.1)
40:pass out quick log on em1 from 172.16.1.1 route-to (em1 10.10.0.1)
41:pass out log on em0
42:pass out log on em1
43:pass out log on em0 from em1 route-to (em1 10.10.0.1)
44:pass out log on em1 from em0 route-to (em0 192.168.0.1)
Tests:
$ traceroute -s 172.16.0.1 -n google.com
Tcpdump pflog0 output:
Aug 27 15:35:16.418090 rule 42/(match) pass out on em1: 172.16.0.1.34561> 74.125.45.106.33438: udp 12
Aug 27 15:50:01.658596 rule 41/(match) pass out on em0: 172.16.0.1.63615> 74.125.45.103.33444: udp 12
Why are these packets not being caught by rule 39 and always going out the em0
gateway?