Nickolay Orekhov
2013-03-12 08:42:44 UTC
Hello, All!
I want to make the following scheme for two ethernet adapters:
en1 address 10.1.1.29, gateway of 10.1.1.252
en2 address 10.2.1.29, gateway of 10.2.1.252
Incoming connections, coming from gateways shoud create state and be
answered to the same gateway.
This can be achieved with:
pass in quick on en1 reply-to (en1 10.1.1.252) keep state
pass in quick on en2 reply-to (en2 10.2.1.252) keep state
That works ok. The problem is with outgoing connections.
I want to duplicate packets going to en1 ( if 10.1.1.252 will be set as
default gateway ) until an answer will come from either en1 or en2.
Then I want to create NAT state and convert packets coming to 10.2.1.29 to
10.1.1.29 to match desired connetion.
Can It be achieved with packet filter?
Regards,Nickolay
P.S. I have a QNX and rather old version of packet filter without "nat-to"
rules.
*spamassassinexception*
I want to make the following scheme for two ethernet adapters:
en1 address 10.1.1.29, gateway of 10.1.1.252
en2 address 10.2.1.29, gateway of 10.2.1.252
Incoming connections, coming from gateways shoud create state and be
answered to the same gateway.
This can be achieved with:
pass in quick on en1 reply-to (en1 10.1.1.252) keep state
pass in quick on en2 reply-to (en2 10.2.1.252) keep state
That works ok. The problem is with outgoing connections.
I want to duplicate packets going to en1 ( if 10.1.1.252 will be set as
default gateway ) until an answer will come from either en1 or en2.
Then I want to create NAT state and convert packets coming to 10.2.1.29 to
10.1.1.29 to match desired connetion.
Can It be achieved with packet filter?
Regards,Nickolay
P.S. I have a QNX and rather old version of packet filter without "nat-to"
rules.
*spamassassinexception*