Date: Wed, 19 Mar 2008 17:49:37 +0100 From: "=?ISO-8859-1?Q?Ermal_Lu=E7i?=" <ermal.luci@gmail.com> To: "Kuat Eshengazin" <eskuat@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: using pf to emulate different source ip's Message-ID: <9a542da30803190949v3807fa60o5ff14ee6280d72c@mail.gmail.com> In-Reply-To: <e0d9d8fc0803051039n7cb3d768rf34d91ac5a051672@mail.gmail.com> References: <e0d9d8fc0803051039n7cb3d768rf34d91ac5a051672@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Mar 5, 2008 at 7:39 PM, Kuat Eshengazin <eskuat@gmail.com> wrote: > Hi, > > > I'm testing a device with application layer firewall and one of the features > requires HTTP connection from multiple IP-addresses. > Device logs clients ip addresses and then depending on statistic calculation > tries to do smth with such kind of requests in future (block or pass for > example) > Device directly connected to machine with Freebsd 7.0 + pf > > > Is it possible to rewrite source ip addresses with pf? > Is it possible to pick up source ip addresses from table or list > randomly/round robin? > > I.ve tried to play with nat rules like > nat on $ext_if inet from $ext_if to any -> 192.168.2.0/24 source-hash Try it this way. nat on $interface from self to any -> $iptouse source-hash > but there was no much success. > > > > Please CC me when answering. > > p.s. > Currently what i.m doing is simply changing interface ip address by ifconfig > command before each HTTP request. > > > Thanks in advance > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9a542da30803190949v3807fa60o5ff14ee6280d72c>