Thanks!
Remembered something about this section from the manual, but the title was obviously "misleading" when I rechecked. :-P OK.
So, if I get it right:
as for the incoming connections redirected to LAN machines, I just use
Code:
" rdr pass on $ext_if1 ..."
whatever ext_if I choose, without the round-robin ofc.
and outgoing
Code:
pass in on $int_if route-to \
($ext_if1 $ext_gw1) \
from $lan_net to any keep state
I would use ext_if1 as the default "outgoing", and if I wanted, for example, port 28960 from LAN machines to go via ext_if2, I would place a similar rule as above before it (quick?), like this:
Code:
pass in quick on $int_if route-to \
($ext_if2 $ext_gw2) \
proto { udp , tcp } from $lan_net port 28960 to any keep state
pass in on $int_if route-to \
($ext_if1 $ext_gw1) \
from $lan_net to any keep state
Some questions.
- Just to be sure: this gateway address ext_gw means each external IF's IP, right? And can I use ext_gw1="($ext_if1)" to get the IP, or? Thinking of the case where a dynamic one would change, so..
-
To ensure that packets with a source address belonging to $ext_if1 are always routed to $ext_gw1 (and similarly for $ext_if2 and $ext_gw2), the following two lines should be included in the ruleset:
Code:
pass out on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 \
to any
pass out on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 \
to any
I don't get it.
I think I'll start the whole ruleset from scratch, as this somehow gave me some enlightenment (if I'm right about this; somebody confirm).
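
An added illustration, not part of the original post and not pf's own code: a simplified Python model of pf rule evaluation (the last matching rule wins unless a matching rule carries `quick`), applied to the two `pass in on $int_if ... route-to` rules above. The `Rule` class, `evaluate` function and sample packets are constructed for this example; only the `from ... port` match (which in pf syntax is the source port) and the route-to target are modelled.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    route_to: str                   # external interface named in route-to
    quick: bool = False             # "quick" stops evaluation on a match
    src_port: Optional[int] = None  # "from $lan_net port N"; None = any port

    def matches(self, pkt: dict) -> bool:
        return self.src_port is None or pkt["src_port"] == self.src_port

def evaluate(rules, pkt):
    """Route-to target chosen: last match wins, quick short-circuits."""
    chosen = None
    for rule in rules:
        if rule.matches(pkt):
            chosen = rule
            if rule.quick:
                break
    return chosen.route_to if chosen else None

# Constructed rules mirroring the post's two "pass in on $int_if" rules.
SPECIFIC_QUICK = Rule("ext_if2", quick=True, src_port=28960)
SPECIFIC_PLAIN = Rule("ext_if2", quick=False, src_port=28960)
DEFAULT = Rule("ext_if1")

ORDER_WITH_QUICK = [SPECIFIC_QUICK, DEFAULT]  # order proposed in the post
ORDER_NO_QUICK = [SPECIFIC_PLAIN, DEFAULT]    # same order, quick omitted
ORDER_REVERSED = [DEFAULT, SPECIFIC_PLAIN]    # specific rule placed last

# Constructed LAN packets.
GAME = {"src_port": 28960, "dst_port": 28960}
WEB = {"src_port": 40000, "dst_port": 443}
# Ephemeral source port, destination 28960: a "from ... port" clause
# does not match it, so it follows the default rule.
TO_GAME = {"src_port": 51515, "dst_port": 28960}

def demo():
    orders = [("quick", ORDER_WITH_QUICK), ("no_quick", ORDER_NO_QUICK),
              ("reversed", ORDER_REVERSED)]
    return {name: [evaluate(rules, p) for p in (GAME, WEB, TO_GAME)]
            for name, rules in orders}

if __name__ == "__main__":
    for name, r in demo().items():
        print(f"{name:9s} GAME={r[0]} WEB={r[1]} TO_GAME={r[2]}")
```
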