Routing router-originating traffic via route-to rules
Stefan
stefanferreira at gmail.com
Tue Jan 26 10:29:19 UTC 2010
Hi
I've googled this one to bits and pulled out quite a lot of hair:
Basically I need a way to route, using "route-to" filter rules, the
traffic originating on the freebsd router itself. The problem with doing
this is that pf only sees the packets on their way out, when an outbound
interface has already been chosen by the routing tables. Therefore pf's
route-to rules have no effect on locally originating traffic.
I've tried several approaches to get around this. They all center around
looping back the router's traffic before routing it out, so that pf can
see the packets as inbound once before they get routed properly. This
means changing the default route to one of the tried loopbacks, then
using pf filter rules coming in on the chosen loopback or bridge. I've
tried this using bridged netgraph and tap interfaces, and using loopback
interfaces. I've also tried it using a loopback interface with an IP on
a unique subnet, to keep the packets from routing through lo0.
Please, I'm desperate to get this working! Has anyone done this type of
thing successfully or does anyone have any idea how to get it working?
I'd think that this would be a fairly common requirement, if not for
routing then at least for filtering outbound (router) traffic...
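The setup the post describes, written out as a pf.conf fragment so the two cases can be compared. This is an added illustration, not a configuration from the original post or the thread, and the thread does not report it working for the poster; the interface names em0, em1 and lo1, the RFC 5737 documentation addresses, the 10.255.255.0/30 loopback subnet and the next-hop 198.51.100.1 are assumed placeholders.

```pf
# Added illustration of the approach described in the post; interface names
# and addresses are assumptions, not values from the thread.
ext_if  = "em0"            # upstream link carrying the alternate next-hop
int_if  = "em1"            # LAN side
loop_if = "lo1"            # extra loopback, created with:
                           #   ifconfig lo1 create
                           #   ifconfig lo1 inet 10.255.255.1/30
                           # and then pointed at by the default route:
                           #   route change default 10.255.255.2
alt_gw  = "198.51.100.1"   # next-hop that route-to should steer traffic to

# Case 1: forwarded traffic. pf sees these packets inbound on $int_if before
# the kernel has picked an outbound interface, so route-to takes effect.
pass in on $int_if inet from $int_if:network to any \
    route-to ($ext_if $alt_gw) keep state

# Case 2: router-originated traffic. With the default route pointing into the
# $loop_if subnet, locally generated packets are sent out $loop_if, looped back,
# and reappear inbound on $loop_if, where a route-to rule can match them.
pass in on $loop_if inet from ($ext_if) to any \
    route-to ($ext_if $alt_gw) keep state

# Let the redirected packets leave; states created above already cover replies.
pass out on $ext_if keep state
```

The pair of rules makes the difference between the two cases explicit: case 1 needs no trickery because pf's "in" pass happens before the routing decision, while case 2 only works at all if the packet can be made to take an "in" pass on some interface after the router has generated it. Whether the loopback delivers the packets back to pf in a form route-to can act on is exactly what the post is asking about, so treat case 2 as a description of the attempt, not as a verified configuration.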