Untitled

dmz_if = "em1"
lan_if = "em0"
table <dmz> persist { 192.168.19.0/24 }
table <lan> persist { 192.168.1.0/24 }

# NAT
nat on $dmz_if from { 192.168.19.0/24 } to any -> ($dmz_if)
nat on $lan_if from { 192.168.1.0/24 } to any -> ($lan_if)

# Filter rules
pass all
pass in from <dmz> to any rtable 1
pass out from <dmz> to any rtable 1
pass in from <lan> to any rtable 0
pass out from <lan> to any rtable 0

ifconfig_em0="inet 192.168.1.198/24"
ifconfig_em1="inet 192.168.19.236/24"
nginx_enable="YES"
pf_enable="YES"
pf_rules="/etc/pf.conf"
pf_flags=""
pflog_enable="YES"

# Routes
# define default routes
setfib 1 route delete default
setfib 1 route add    default 192.168.19.254
#setfib 1 route add    default 10.1.6.25
setfib 0 route delete default
setfib 0 route add    default 192.168.1.1
#
# assing route tables to interfaces
ipfw -f flush
ipfw add allow    ip from any to any via lo0
#ipfw add setfib 1 ip from any to any via em0
#ipfw add setfib 0 ip from any to any via em1
ipfw add setfib 1 ip from any to any via em1
ipfw add setfib 0 ip from any to any via em0
ipfw add allow    ip from any to any

root@kanneldev:~ # netstat
Active Internet connections
Proto Recv-Q Send-Q Local Address          Foreign Address        (state)
tcp4       0      0 192.168.19.236.http    192.168.1.112.17649    SYN_RCVD

net.fibs: 16