I have situation with several ISP, some of which has dynamic gateways (via dhcp). One of working answer in the internet was run dhclient(8) with setfib(1), to write routings to other routing table (or make own dhclient-script which do same task) and than use this table in pf policy routing (using rtable)...
But there is several problems:
1. setfib(1) is located in /usr/sbin and patch from PR 132483 (and almost same for /etc/network.subr) will not be commited at least in near future. In my situation I can patch them myself, but it is not good.
2. good things such as nat-to and rdr-to actions, which can do nat and route to on specified interface are missing in FreeBSD due old PF(4) code. are nat and rdr rules are enough for it?
3. I have complicated pf.conf which uses static routing, so I don't want to rewrite it to other firewall
I need route all traffic from LAN to host xx.xx.xx.xx via ISP2 and all other via ISP1 at least [all other rules will be rewritten simply]
I've stuck here and need help. Thanks
But there is several problems:
1. setfib(1) is located in /usr/sbin and patch from PR 132483 (and almost same for /etc/network.subr) will not be commited at least in near future. In my situation I can patch them myself, but it is not good.
2. good things such as nat-to and rdr-to actions, which can do nat and route to on specified interface are missing in FreeBSD due old PF(4) code. are nat and rdr rules are enough for it?
3. I have complicated pf.conf which uses static routing, so I don't want to rewrite it to other firewall
Code:
LAN -> FW -> ISP1 (static)
|
\--> ISP2 (DHCP)I need route all traffic from LAN to host xx.xx.xx.xx via ISP2 and all other via ISP1 at least [all other rules will be rewritten simply]
I've stuck here and need help. Thanks