Packets originated from localhost go out with FIB 0, and this cannot be changed.

With two routing tables and rl0, rl1 external, rl2 internal, you can:

    ipfw add 3 setfib 1 from any to any in recv rl2

so packets originated from the LAN (rl2) will go out via the rl1 interface. But a packet originated from localhost (from the router itself) has FIB = 0, and the rule:

    ipfw add 2 setfib 1 from any to any out xmit rl0

has no effect =(

Fix:

I suggest that the packet is routed and then it is put into ipfw. If so, you must reroute the packet if its FIB has been changed. You must not put the packet into ipfw again, because this will result in the next problem: the packet will never leave the router:

    ipfw add 1 setfib 1 from any to any out xmit rl0
    ipfw add 2 setfib 0 from any to any out xmit rl1

How-To-Repeat:

    setfib 0 route add default G.A.T.E1
    setfib 1 route add default G.A.T.E2
    ipfw add 2 setfib 1 from any to any out xmit rl0
    ipfw add 3 setfib 1 from any to any in recv rl2

Packets originated from the LAN (rl2) will go out via rl1 because FIB = 1 (NOTICE ipfw rule 3). But packets originated from the router itself will go out via rl0, because FIB = 0, and ipfw rule 2 has no effect because the packet is already routed.
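A simplified model of the output path described in the report above, added here as an illustration; it is not part of the original report and is not FreeBSD code. It assumes each FIB holds only a default route, and the names `send_local`, `ipfw_out` and the three mode strings are hypothetical.

```python
# Model only: FIB number -> egress interface of that FIB's default route.
# FIB 0 uses G.A.T.E1 via rl0, FIB 1 uses G.A.T.E2 via rl1 (as in How-To-Repeat).
FIBS = {0: "rl0", 1: "rl1"}

# Each rule is (new_fib, xmit_interface), i.e. "setfib N from any to any out xmit IF".
REPORT_RULES = [(1, "rl0")]              # rule 2 from the report
LOOP_RULES = [(1, "rl0"), (0, "rl1")]    # rules 1 and 2 from the Fix section


def ipfw_out(rules, fib, xmit):
    """Run the outbound rules in order and return the FIB the packet ends up tagged with."""
    for new_fib, iface in rules:
        if iface == xmit:                # xmit is fixed for the whole pass
            fib = new_fib
    return fib


def send_local(rules, mode, max_passes=8):
    """Send a router-originated packet.

    mode "current":      route, run ipfw, ignore any FIB change (reported behaviour)
    mode "reroute_once": route, run ipfw, reroute if the FIB changed, skip ipfw (proposed)
    mode "refilter":     reroute and run ipfw again after every FIB change
    Returns (egress interface, ipfw passes); egress is None if the packet never leaves.
    """
    fib = 0                              # local packets start in FIB 0
    xmit = FIBS[fib]                     # route lookup happens before ipfw
    for passes in range(1, max_passes + 1):
        new_fib = ipfw_out(rules, fib, xmit)
        if mode == "current" or new_fib == fib:
            return xmit, passes
        fib, xmit = new_fib, FIBS[new_fib]   # reroute using the new FIB
        if mode == "reroute_once":
            return xmit, passes
    return None, max_passes              # bounced between FIBs until the pass limit


if __name__ == "__main__":
    for name, rules in (("report", REPORT_RULES), ("loop", LOOP_RULES)):
        for mode in ("current", "reroute_once", "refilter"):
            print(name, mode, send_local(rules, mode))
```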
Responsible Changed From-To: freebsd-bugs->freebsd-net Over to maintainer(s).
batch change:

For bugs that match the following
- Status Is In progress
AND
- Untouched since 2018-01-01.
AND
- Affects Base System OR Documentation

DO:

Reset to open status.

Note:
I did a quick pass but if you are getting this email it might be worthwhile to double check to see if this bug ought to be closed.