On Wed, Mar 5, 2008 at 7:39 PM, Kuat Eshengazin <[EMAIL PROTECTED]> wrote: > Hi, > > > I'm testing a device with application layer firewall and one of the features > requires HTTP connection from multiple IP-addresses. > Device logs clients ip addresses and then depending on statistic calculation > tries to do smth with such kind of requests in future (block or pass for > example) > Device directly connected to machine with Freebsd 7.0 + pf > > > Is it possible to rewrite source ip addresses with pf? > Is it possible to pick up source ip addresses from table or list > randomly/round robin? > > I.ve tried to play with nat rules like > nat on $ext_if inet from $ext_if to any -> 192.168.2.0/24 source-hash Try it this way. nat on $interface from self to any -> $iptouse source-hash
> but there was no much success. > > > > Please CC me when answering. > > p.s. > Currently what i.m doing is simply changing interface ip address by ifconfig > command before each HTTP request. > > > Thanks in advance > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[EMAIL PROTECTED]"
