On Thu, Feb 17, 2011 at 02:37:58PM +0000, Brian Candler wrote: > I wonder if anyone has implemented anything like the following, and if so, > if they can share their experiences of how they did it. [..] > Some of the existing logic I work with makes use of the source IP address of > the packet (i.e. Client-IP-Address), so a simple proxy which resends the > packet would be a problem. I suppose I could put Client-IP-Address into a > real AV. > > Anybody doing anything like this today, or know of any projects which do > this?
I've used a slightly modified version of this script to implement something similar: http://horde.net/~jwm/software/misc/comparison-tee It uses the pcap library to sniff traffic sent a live server, then forwards all packets to a test box and compares responses. You can modify it to reply saved data too. It also allows you to exclude some attributes from comparison. Adding the attribute to pass client ip address to the test server won't be hard to do. -- Szymon Roczniak - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html