using pf to emulate different source ip's
Ermal Luçi
ermal.luci at gmail.com
Wed Mar 19 17:17:17 UTC 2008
On Wed, Mar 5, 2008 at 7:39 PM, Kuat Eshengazin <eskuat at gmail.com> wrote:
> Hi,
>
>
> I'm testing a device with application layer firewall and one of the features
> requires HTTP connection from multiple IP-addresses.
> Device logs clients ip addresses and then depending on statistic calculation
> tries to do smth with such kind of requests in future (block or pass for
> example)
> Device directly connected to machine with Freebsd 7.0 + pf
>
>
> Is it possible to rewrite source ip addresses with pf?
> Is it possible to pick up source ip addresses from table or list
> randomly/round robin?
>
> I.ve tried to play with nat rules like
> nat on $ext_if inet from $ext_if to any -> 192.168.2.0/24 source-hash
Try it this way.
nat on $interface from self to any -> $iptouse source-hash
> but there was no much success.
>
>
>
> Please CC me when answering.
>
> p.s.
> Currently what i.m doing is simply changing interface ip address by ifconfig
> command before each HTTP request.
>
>
> Thanks in advance
> _______________________________________________
> freebsd-pf at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-unsubscribe at freebsd.org"
>
More information about the freebsd-pf
mailing list