Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Policy routing limitations ?

    Routing and Multi WAN
    2
    2
    437
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bcvieira last edited by

      Hello,

      I have done several tests with pfsense 2.2.4-RELEASE and it seems the policy routing capacities of the pfsense only works when connections are initiated from the interface where the rule is applied, if I want to policy routing only the responses of a http server it doesn't work.

      I want to change the default gw (or next hop) of http responses, i have created the rule from servers source_port_80 defaultgw _is_other ….. , but the rule is simply not applied and the apache traffic keeps going to the default gw, but if I mannualy generate the traffic on the server with netcat and use source port 80 it works because it's a new connection and not a response from a established one.

      Is this a bug or a limitation of the pfsense ?

      Thanks.

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        Policy routing is a per connection action, not a per-packet action. Once a state is made the decision has been made and stored in the state, you can't take different action on reply packets.

        Although what you're suggestion wouldn't really work even if that were possible. What exactly are you attempting to accomplish?

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post