using pf to emulate different source ip's

Kuat Eshengazin eskuat at gmail.com
Wed Mar 5 19:03:22 UTC 2008


Hi,


I'm testing a device with an application layer firewall, and one of the features
requires HTTP connections from multiple IP addresses.
The device logs clients' IP addresses and then, depending on a statistical calculation,
tries to do something with such requests in the future (block or pass, for
example).
The device is directly connected to a machine with FreeBSD 7.0 + pf.


Is it possible to rewrite source IP addresses with pf?
Is it possible to pick source IP addresses from a table or list
randomly/round robin?

I've tried to play with nat rules like
nat on $ext_if inet from $ext_if to any -> 192.168.2.0/24 source-hash
but there was not much success.



Please CC me when answering.

P.S.
Currently what I'm doing is simply changing the interface IP address with the ifconfig
command before each HTTP request.


Thanks in advance


More information about the freebsd-pf mailing list