On Sat, Jan 29, 2011 at 8:12 PM, roberth <[email protected]> wrote: > I'll point out the most obvious: > Since there are no tagged states, everyone of those three "match" rules > matches and the last one wins.
Hello Robert, Thanks for responding, I have changed the rules to tag packets coming from the laptop but still not getting through the right connection :( This is the modified ruleset: # isp one ext_if1="sis1" # isp two ext_if="sis2" # internal interface int_if="sis0" set skip on lo #QoS on isp2 altq on $int_if cbq bandwidth 25Mb queue q_default queue q_default bandwidth 25Mb cbq(default) altq on $ext_if priq bandwidth 2600Kb queue std_out queue std_out priq(default) # nat for laptop to isp one match on sis1 from 192.168.0.52 to !192.168.0.0/24 tag LAPTOP match out on $ext_if1 from 192.168.0.52 !tagged NO_NAT nat-to (sis1:0) match out on $ext_if1 from 192.168.0.52 nat-to (sis1) # nat for isp two match out on $ext_if from !($ext_if) !tagged NO_NAT nat-to ($ext_if:0) # out with QoS pass out on $ext_if queue std_out pass out on $int_if queue q_default #pass out to isp one from laptop pass out on sis1 tagged LAPTOP block in #pass route to isp one from laptop pass in on $int_if tag LAPTOP keep state route-to sis1 # pass all in pass in on $int_if no state Thanks, Steph
