[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Changing source address
We have the following setup:
|---------- OpenBSD/PF/CARP-Cluster Firewall
We do load balancing with PF. Some server applications and clients
accessing the server applications "missbehave" and send packet directly
to the server instead to the Firewall by reading the IP-Packet instead
of the protocol header and picking the IP to reply from there.
Is there a way to change the source address of packages sent by the
servers to the client with the IP of the Firewall? I have nothing found
in PF. This way, we can force clients to send their reply to the
Is this bad habit or a common practice?