routing based on src ip



Sébastien Morand
Hi,

I'm having a little trouble with a routing rule based on the source IP address.

Here is a small description of my network:

  |------|       |------|
  | lan3 |       | lan2 |
  |------|       |------|
     |               |
|---------|     |---------|     |------|
| router1 |-----| router2 |-----| lan1 |
|---------|     |---------|     |------|
     |               |
 internet        internet

I would like to redirect some of the lan1 computers through router1 for internet
traffic.

On the routers, 192.168.4.1 on router1 (interface vlan1) talks to
192.168.4.2 on router2 (interface vlan1).
lan1 is 192.168.1.0/24 (vlan0 on router2)
lan2 is 192.168.2.0/24 (vlan2 on router2)
lan3 is 192.168.2.0/24 (vlan0 on router1)

I tried the following pf rules:
nolocalnets="{ ! 192.168.2.0/24 }"
specialip="192.168.1.27"
pass in quick from $specialip to $nolocalnets route-to {(vlan1 192.168.4.1)}

but this is not working (the connection is blocked in SYN_SENT).

No packets are seen on router1 with tcpdump. They are seen on vlan0 on router2 but
not on vlan1, so what am I missing?

Thanks in advance,
Sébastien
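
For reference, a complete source-based policy-routing fragment for router2 in the topology above. This is an added example, not the rules from the post; the addresses and interface names are those given in the post, while the /24 mask on the 192.168.4.0 link network, the assumption that router1 NATs what it forwards to the internet, and the assumption that no earlier rule already matches this traffic are not stated there. The route-to syntax has changed across OpenBSD releases, so check pf.conf(5) for the release actually in use.

```pf
# Added example for router2 (not from the original post).
# Assumes: router1 NATs traffic it forwards to the internet (not stated in
# the post), the router-to-router link is 192.168.4.0/24 (mask assumed),
# and no earlier rule in pf.conf matches this traffic.

lan_if    = "vlan0"          # lan1, 192.168.1.0/24, on router2
link_if   = "vlan1"          # 192.168.4.2 here, 192.168.4.1 on router1
router1   = "192.168.4.1"
specialip = "192.168.1.27"

# Every destination that must NOT be policy-routed through router1: all the
# directly attached networks, not only lan2.  A table is easier to negate
# and to extend than a one-element list with "!" inside the braces.
table <localnets> const { 192.168.1.0/24, 192.168.2.0/24, 192.168.4.0/24 }

# Match only on the LAN-facing interface ("on $lan_if"), so the rule cannot
# catch the same packets again on another interface, and "log" it so every
# match shows up on pflog0 while troubleshooting.  The state created here is
# floating (the default), so router1's replies arriving on $link_if match it.
pass in quick log on $lan_if inet proto { tcp, udp, icmp } \
    from $specialip to ! <localnets> \
    route-to ($link_if $router1) keep state
```

Before reloading, syntax-check with `pfctl -nf /etc/pf.conf`; after `pfctl -f /etc/pf.conf`, confirm the rule loaded as intended with `pfctl -sr`, open a connection from 192.168.1.27 to an internet address, and look for the state with `pfctl -ss | grep 192.168.1.27` and for the logged match with `tcpdump -n -e -ttt -i pflog0 host 192.168.1.27`. If pflog0 shows the match but tcpdump on vlan1 still shows nothing, the problem is after rule evaluation (for example the chosen interface or gateway); if pflog0 shows nothing, an earlier rule is taking the packet first.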