Well thanks to everyone who help me coming close to using multiple external links for internet. but its still not working, my scenario is that i have 2 ISP's connection now the main internet connection is the powerful one which i only want to use for specific protocols which i have defined in a macro called ports now rest is supposed to goto to my 2nd internet connection which is a weak & cheap connection basically there to allow p2p applications access. Main internet is ext_if1 (xl0) slow internet is ext_if2 (xl2) LAN is int_if (xl1) now the problem is that when ever i apply my pf.conf file all the traffic goes to 2nd slow internet connection.
my pf.conf file lan_net = "10.0.0.0/16" int_if = "xl1" ext_if1 = "xl0" ext_if2 = "xl2" ext_gw1 = "192.168.0.1" ext_gw2 = "203.81.235.1" chadd = "10.0.0.1" ports = " 22 25 53 80 110 119 123 143 443 465 554 900 995 1755 1863" table <allowedclients> persist file "/etc/allowedclients" nat on $ext_if1 inet proto {tcp, udp } from <allowedclients> to any port \ { $ports } -> ($ext_if1) nat on $ext_if2 inet proto {tcp, udp } from <allowedclients> to any \ -> ($ext_if2) rdr on $int_if proto tcp from <allowedclients> to any port 80 -> $chadd port 8080 pass out log on $int_if from any to $lan_net pass in log quick on $int_if from $lan_net to $int_if pass in log on $int_if route-to { ($ext_if2 $ext_gw2) } from \ $lan_net to any flags S/SA keep state pass in log on $int_if route-to { ($ext_if1 $ext_gw1) } inet proto tcp from \ $lan_net to any port {$ports} flags S/SA keep state pass out log on $ext_if2 proto tcp from any to any flags S/SA modulate state pass out log on $ext_if2 proto { udp, icmp } from any to any keep state pass out log on $ext_if1 proto tcp from any to any flags S/SA modulate state pass out log on $ext_if1 proto { udp, icmp } from any to any keep state pass out log on $ext_if2 route-to ($ext_if1 $ext_gw1) from $ext_if1 to any pass out log on $ext_if1 route-to ($ext_if2 $ext_gw2) from $ext_if2 to any this is what happens bash-3.1# tcpdump -nettipflog0 tcpdump: WARNING: pflog0: no IPv4 address assigned tcpdump: listening on pflog0, link-type PFLOG 1169566778.398818 rule 18/(match) pass out on xl2: 203.81.235.185.5698 > 8.7.232.215.80: [|tcp] (DF) 1169566778.553623 rule 18/(match) pass out on xl2: 203.81.235.185.13550 > 66.249.91.83.80: [|tcp] (DF) 1169566779.005110 rule 18/(match) pass out on xl2: 203.81.235.185.16245 > 209.0.144.87.80: [|tcp] (DF) 1169566779.102642 rule 1/(match) pass in on xl1: 10.0.2.41.1601 > 10.0.0.1.8080: [|tcp] (DF) 1169566779.105302 rule 18/(match) pass out on xl2: 203.81.235.185.5672 > 216.143.70.77.80: [|tcp] 1169566779.167718 rule 1/(match) pass in on xl1: 10.0.1.24.2402 > 10.0.0.1.8080: [|tcp] (DF) 1169566779.170640 rule 18/(match) pass out on xl2: 203.81.235.185.11598 > 64.40.101.40.80: [|tcp] (DF) 1169566779.457058 rule 2/(match) pass in on xl1: 10.0.2.7.2328 > 125.23.47.31.3460: [|tcp] (DF) 1169566779.457112 rule 21/(match) pass out on xl0: 10.0.2.7.2328 > 125.23.47.31.3460: [|tcp] (DF) 1169566779.615288 rule 18/(match) pass out on xl2: 203.81.235.185.33595 > 209.0.144.88.80: [|tcp] (DF) 1169566779.700708 rule 18/(match) pass out on xl2: 203.81.235.185.42575 > 72.14.209.85.80: [|tcp] (DF) 1169566779.994302 rule 1/(match) pass in on xl1: 10.0.2.8.4265 > 10.0.0.1.8080: [|tcp] (DF) 1169566780.005425 rule 18/(match) pass out on xl2: 203.81.235.185.31337 > 72.14.209.86.80: [|tcp] (DF) 1169566780.174899 rule 18/(match) pass out on xl2: 203.81.235.185.27385 > 8.2.96.67.80: [|tcp] (DF) 1169566780.475037 rule 2/(match) pass in on xl1: 10.0.1.19.138 > 10.0.255.255.138: udp 201 1169566780.475089 rule 22/(match) pass out on xl0: 10.0.1.19.138 > 10.0.255.255.138: udp 201 1169566780.652249 rule 18/(match) pass out on xl2: 203.81.235.185.44777 > 8.7.232.215.80: [|tcp] (DF) 1169566780.884663 rule 1/(match) pass in on xl1: 10.0.2.8.4266 > 10.0.0.1.8080: [|tcp] (DF) 1169566780.889225 rule 18/(match) pass out on xl2: 203.81.235.185.44736 > 72.14.217.189.80: [|tcp] (DF) 1169566780.920559 rule 2/(match) pass in on xl1: 10.0.3.6.3273 > 64.182.172.11.8585: [|tcp] (DF) 1169566780.920608 rule 21/(match) pass out on xl0: 10.0.3.6.3273 > 64.182.172.11.8585: [|tcp] (DF) 1169566780.927934 rule 18/(match) pass out on xl2: 203.81.235.185.2945 > 66.249.91.18.80: [|tcp] (DF) 1169566781.046297 rule 2/(match) pass in on xl1: 10.0.1.11.137 > 10.0.255.255.137: udp 50 1169566781.046351 rule 22/(match) pass out on xl0: 10.0.1.11.137 > 10.0.255.255.137: udp 50 1169566781.141521 rule 18/(match) pass out on xl2: 203.81.235.185.6110 > 209.0.144.87.80: [|tcp] (DF) 1169566781.389933 rule 2/(match) pass in on xl1: 10.0.4.19.137 > 10.0.255.255.137: udp 68 1169566781.390009 rule 22/(match) pass out on xl0: 10.0.4.19.137 > 10.0.255.255.137: udp 68 1169566781.505436 rule 18/(match) pass out on xl2: 203.81.235.185.12893 > 66.249.91.19.80: [|tcp] (DF) 1169566781.634241 rule 18/(match) pass out on xl2: 203.81.235.185.3396 > 209.0.144.88.80: [|tcp] (DF) 1169566782.052176 rule 1/(match) pass in on xl1: 10.0.3.6.3274 > 10.0.0.1.53:[|domain] 1169566782.145289 rule 17/(match) pass in on xl1: 10.0.1.44.1405 > 64.4.37.22.1863: [|tcp] (DF) 1169566782.145340 rule 18/(match) pass out on xl2: 203.81.235.185.60189 > 64.4.37.22.1863: [|tcp] (DF) 1169566782.286339 rule 1/(match) pass in on xl1: 10.0.1.32.1054 > 10.0.0.1.53:[|domain] 1169566782.773519 rule 19/(match) pass out on xl2: 203.81.235.185.37174 > 192.175.48.42.53:[|domain] 1169566783.227876 rule 18/(match) pass out on xl2: 203.81.235.185.12589 > 66.230.155.6.80: [|tcp] (DF) 1169566783.565189 rule 1/(match) pass in on xl1: 10.0.2.41.1603 > 10.0.0.1.8080: [|tcp] (DF) 1169566783.868916 rule 1/(match) pass in on xl1: 10.0.2.8.4267 > 10.0.0.1.8080: [|tcp] (DF) 1169566783.873699 rule 18/(match) pass out on xl2: 203.81.235.185.31607 > 72.14.217.189.80: [|tcp] (DF) 1169566783.939254 rule 18/(match) pass out on xl2: 203.81.235.185.3147 > 66.249.91.83.80: [|tcp] (DF) 1169566783.944207 rule 1/(match) pass in on xl1: 10.0.2.41.1604 > 10.0.0.1.8080: [|tcp] (DF) 1169566783.948180 rule 18/(match) pass out on xl2: 203.81.235.185.39092 > 64.4.15.61.80: [|tcp] (DF) 1169566785.695035 rule 1/(match) pass in on xl1: 10.0.0.5.2305 > 10.0.0.1.8080: [|tcp] (DF) 1169566785.697572 rule 18/(match) pass out on xl2: 203.81.235.185.22226 > 81.95.147.107.80: [|tcp] (DF) 1169566785.776452 rule 1/(match) pass in on xl1: 10.0.2.41.1605 > 10.0.0.1.8080: [|tcp] (DF) 1169566785.930252 rule 1/(match) pass in on xl1: 10.0.2.41.1606 > 10.0.0.1.8080: [|tcp] (DF) 1169566785.935663 rule 18/(match) pass out on xl2: 203.81.235.185.12836 > 209.191.65.8.80: [|tcp] (DF) 1169566786.317411 rule 18/(match) pass out on xl2: 203.81.235.185.16717 > 72.14.209.87.80: [|tcp] (DF) 1169566786.626559 rule 2/(match) pass in on xl1: 10.0.2.44.2212 > 65.43.85.53.6667: [|tcp] (DF) 1169566786.626613 rule 21/(match) pass out on xl0: 10.0.2.44.2212 > 65.43.85.53.6667: [|tcp] (DF) 1169566787.104918 rule 18/(match) pass out on xl2: 203.81.235.185.21187 > 204.13.161.25.80: [|tcp] (DF) 1169566787.113192 rule 17/(match) pass in on xl1: 10.0.2.37.2124 > 207.46.26.36.1863: [|tcp] (DF) 1169566787.113242 rule 18/(match) pass out on xl2: 203.81.235.185.64047 > 207.46.26.36.1863: [|tcp] (DF) my ifconfig command provides bash-3.1# ifconfig lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33224 groups: lo inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6 xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 lladdr 00:50:04:03:fa:96 media: Ethernet autoselect (100baseTX full-duplex) status: active inet 192.168.0.2 netmask 0xffffff00 broadcast 192.168.0.255 inet6 fe80::250:4ff:fe03:fa96%xl0 prefixlen 64 scopeid 0x1 xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 lladdr 00:50:04:a0:39:9a media: Ethernet autoselect (10baseT half-duplex) status: active inet 10.0.0.1 netmask 0xffff0000 broadcast 10.0.255.255 inet6 fe80::250:4ff:fea0:399a%xl1 prefixlen 64 scopeid 0x2 xl2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 lladdr 00:10:5a:22:64:c7 groups: egress media: Ethernet autoselect (100baseTX full-duplex) status: active inet6 fe80::210:5aff:fe22:64c7%xl2 prefixlen 64 scopeid 0x3 inet 203.81.235.185 netmask 0xffffff00 broadcast 203.81.235.255 pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33224 enc0: flags=0<> mtu 1536 i did update to OpenBSD current would be great full if you help me out. Regards *:$., 88,.$:*(((*$ Stingray *:$., 88,.$:*((*$ ____________________________________________________________________________________ Need a quick answer? Get one in minutes from people who know. Ask your question on www.Answers.yahoo.com