Netgate Discussion Forum

    Policy routing limitations?

    Routing and Multi WAN
    • bcvieira

      Hello,

      I have done several tests with pfSense 2.2.4-RELEASE and it seems the policy routing capacities of pfSense only work when connections are initiated from the interface where the rule is applied. If I want to policy route only the responses of an HTTP server, it doesn't work.

      I want to change the default gw (or next hop) of HTTP responses. I have created the rule from servers source_port_80 defaultgw _is_other ….. , but the rule is simply not applied and the Apache traffic keeps going to the default gw. But if I manually generate the traffic on the server with netcat and use source port 80, it works, because it's a new connection and not a response from an established one.

      Is this a bug or a limitation of pfSense?

      Thanks.

      • jimp Rebel Alliance Developer Netgate

        Policy routing is a per-connection action, not a per-packet action. Once a state is made, the decision has been made and stored in the state; you can't take different action on reply packets.

        Although what you're suggesting wouldn't really work even if that were possible. What exactly are you attempting to accomplish?

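The per-connection behaviour described in the reply above, as an added example that is not part of the original thread and not pf or pfSense code: a simplified Python model of a stateful filter in which the gateway is fixed when the state is created. The class names, the `GW2` gateway label and the addresses are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrives on
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    iface: str
    sport: Optional[int]     # None matches any source port
    gateway: Optional[str]   # None means "use the routing table"

class Firewall:
    def __init__(self, rules):
        self.rules = rules
        self.states = {}  # flow key -> gateway fixed when the state was created

    @staticmethod
    def _key(p):
        # Same key for both directions of a flow
        return frozenset({(p.src, p.sport), (p.dst, p.dport)})

    def handle(self, p):
        """Return (decided_by, gateway); gateway None = routing table / default gw."""
        key = self._key(p)
        if key in self.states:
            return ("state", self.states[key])   # rules are not evaluated again
        for r in self.rules:
            if r.iface == p.iface and r.sport in (None, p.sport):
                self.states[key] = r.gateway
                return ("rule", r.gateway)
        return ("blocked", None)

# Constructed sample: a WAN pass rule, plus the LAN source-port-80 rule from the question
RULES = [Rule("wan", None, None), Rule("lan", 80, "GW2")]

def demo():
    fw = Firewall(RULES)
    inbound = fw.handle(Packet("wan", "203.0.113.10", 40000, "10.0.0.5", 80))
    reply = fw.handle(Packet("lan", "10.0.0.5", 80, "203.0.113.10", 40000))
    netcat = fw.handle(Packet("lan", "10.0.0.5", 80, "198.51.100.7", 5000))
    return inbound, reply, netcat

if __name__ == "__main__":
    for name, result in zip(("inbound SYN", "server reply", "netcat from :80"), demo()):
        print(f"{name:16} -> {result}")
```

The server's reply is handled by the state created on the WAN side, so the LAN rule never sees it; only the new netcat connection from source port 80 is evaluated against the LAN rule and sent to `GW2`.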