PF Possible to pre-determine which gateway a packet will egress from without actually sending the packet?

I am trying to create a script that looks at an existing stateful connection and tries to figure out if it's using the most preferred gateway according to the pf ruleset (policy). Is there a way from a console terminal, to determine what gateway would be used for new connections to a certain proto/IP : port combo? e.g.

e.g. `udp port 51080 -> 65.72.114.13` from the freebsd system/firewall itself...

The only way I thought of doing it was to use `nc` to actually try to send the packet, and then quickly follow it with `pfctl -vvss` and look for the matching state to see which interface. But that seems very fragile... is there any better way?
 
Back
Top