Ping response going out the wrong interface

[email protected] wrote:

This morning I decided to investigate the source of traffic on one of those
interfaces, and found that my ISP is sending quite a few pings. There is a
block of 8 addresses and all are getting pinged at a slow rate, but repeatedly.
The reason ? The system is sending ping responses out through the other WAN port
and thus get dropped at the far end. To be more specific, an incoming ping on
fxp2 arrives. The system sends the echo reply out fxp1.

I don't know how my pf.conf could create such a situation, the logic for icmp is
very simple:

Nothing to do with pf. ISP machine pings you... your box checks routing table "how do I reach that machine?"... it uses default route which seems likely to point out to ISP#2. I assume you're on DSL/cable? If so, I don't see an easy/scalable solution for you. As a work-around, add a static route to those hosts and/or the network block they live on and have the route point out to ISP#1. That or look at the reply-to option in pf.


Start by posting your ENTIRE ruleset. This is repeated all too often. People who post tiny bits of information here and there... you are all *encouraging* people *not* to help you.