Friday, January 01, 2021

PF route-to and divert-packet

Hi Misc,

I'm trying to use policy-based routing (route-to) with the divert-packet feature.
I'm just using the example code from divert's man page. (man divert)
I have two WAN interfaces, which are pppoe0 (default gw) and pppoe.
The pf rules below work:
#
pass in log quick on vether10 inet proto udp from 10.10.10.52 to any port 53
pass in log quick on vether10 inet proto tcp from 10.10.10.52 to any port { 80 443 } route-to (pppoe1 (pppoe1))
pass out log quick on pppoe1 inet proto tcp from 10.10.10.52 to any nat-to (pppoe1)

But when I add divert-packet to the NAT lines like this:
pass out log quick on pppoe1 inet proto tcp from 10.10.10.52 to any divert-packet port 700 nat-to (pppoe1)

It fails. What should I do to use the route-to and divert-packet features together?
Please help. Thanks.
