On 7/15/06, Nejc Skoberne <[EMAIL PROTECTED]> wrote:
request is E.F.G.H, the source address of DNS reply is A.B.C.D! That is why route-to rule doesn't work any more. If I remember correctly, this is due to the fact that UDP is a connectionless protocol
and the DNS server doesn't have to bind to
Hello,
I changed the pf.conf a little, so it fits my needs (I also need multihoming for a server which is reachable via a forwarded port). So TCP and ICMP work correctly now. However, I still have problems with UDP services.
For example, I also run a DNS server on this FreeBSD server. If I try
Hi,
> You need to use reply-to when a packet comes in on the second interface:
> pass in on $UntrustInterface2 reply-to ($UntrustInterface2 $NextHop2) keep state
>
> That should get you working, then apply filtering as desired.
Thanks, it started to work as soon as I've added that line into pf
On 7/14/06, Nejc Skoberne <[EMAIL PROTECTED]> wrote:
pass out on $UntrustInterface route-to ($UntrustInterface2 $NextHop2) from $UntrustInterface2 to any keep state
pass out on $UntrustInterface2 route-to ($UntrustInterface $NextHop1) from $UntrustInterface to any keep state
I thought this
Hello,
I have a FreeBSD 5.3 server with 2 Internet connections:
- ADSL, ($UntrustInterface): A.B.C.D, $NextHop1: a.b.c.d
- VDSL, ($UntrustInterface2): E.F.G.H, $NextHop2: e.f.g.h
I would like to be able to access the server's services via both connections independently.
ADSL connection is more like