22nd April 2012
neant

Just did the same thing; this thread helped, so I thought I'd share. I took it a small step further.

In pf.conf I'm using these two lines:
Code:
pass out log on $ext1_if label "out_$if"
pass out log on $ext2_if label "out_$if"
in order to mark outgoing traffic on each interface. Then, when that interface goes down, I flush the routes on it and
Code:
pfctl -k label -k "out_$ext1_if"
kill all states associated with the interface. This way some connections get reinitiated and the user never knows something has gone wrong.

I'm pinging the gateway and a host outside my ISP that is likely to always be online, like google.com, so if google doesn't answer, the ISP probably has a problem and I bring down the interface. This has the potential to cause problems if the wrong host is chosen, but I can't figure out a better way to do it and only one interface is brought down at a time.

I'm using a single file with macro definitions that are common to both pf.conf and ifstated.conf, like $ext1_if, $ext1_gw, etc.; this way, if I have to change something, I only have to change it in one place. Also, my run statements in ifstated.conf execute shell scripts; these have the macro file included in them too and send root an email when the state changes.

Tried to be brief, detailed here.

Last edited by neant; 24th April 2012 at 09:47 AM.
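An added example (not the poster's own script) of what the "interface down" action described in the post could look like: drop the default route through the dead gateway, kill the pf states carrying that interface's "out_" label, and mail root. It assumes the shared macro file is written as sh-compatible assignments such as ext1_if="em0" (no spaces around "="), so the same lines parse in pf.conf, ifstated.conf and sh; the file path and the DRY_RUN switch are hypothetical.

```shell
#!/bin/sh
# Example "WAN link down" handler for ifstated (added example, not the poster's code).
# Macro file assumed to hold lines like: ext1_if="em0"  ext1_gw="192.0.2.1"
MACROS=${MACROS:-/etc/wan_macros.conf}   # hypothetical path
DRY_RUN=${DRY_RUN:-0}                     # 1 = print commands instead of running them

# Source the shared macros only when the file is present (keeps the script
# usable on a test box without the real configuration).
[ -r "$MACROS" ] && . "$MACROS"

run() {
    # In dry-run mode echo the command line so the sequence can be inspected
    # without pf or root privileges; otherwise execute it as given.
    if [ "$DRY_RUN" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

wan_down() {
    # $1 = interface name (e.g. em0), $2 = that interface's gateway address
    ifc=$1; gw=$2
    # 1. Remove the default route through the failed gateway so new
    #    connections leave via the surviving interface.
    run route -n delete default "$gw"
    # 2. Kill every state created by the "pass out log on $ifc label out_$if"
    #    rule; pfctl expanded "$if" to the interface name when the rule loaded,
    #    so the label to match is out_<interface>.
    run pfctl -k label -k "out_$ifc"
    # 3. Tell root what happened (ifstated itself is silent about transitions).
    printf 'WAN link %s (gw %s) down: default route removed, states killed\n' \
        "$ifc" "$gw" | run mail -s "ifstated: $ifc down" root
}

# Typical ifstated.conf usage:  run "/etc/ifstated/wan_down.sh $ext1_if $ext1_gw"
# Only act when invoked with both arguments, so sourcing the file is harmless.
if [ $# -ge 2 ]; then
    wan_down "$1" "$2"
fi
```

Run it once with DRY_RUN=1 to confirm the three commands are built as expected before wiring it into ifstated.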