I don't think PF can (currently) do this. A easier/better solution would be to run a socks server on one of the boxes and use socks on the others as clients. Then all the connections come from a single PC.
Dom - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Dom De Vitto Tel. 07855 805 271 http://www.devitto.com mailto:[EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Where do you want to go today? Same as every day.... Windows Update. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nikolay Denev Sent: Tuesday, February 17, 2004 11:20 PM To: [EMAIL PROTECTED] Subject: Re: Remotely Counting Machines Behind Nat > Hello All, > > It says in the FAQ that using the 'reassemble tcp' scrub option keeps > an observer from guessing how many hosts are behind a NAT gateway. > The main thing I plan to use this for is to prevent my ISP from > finding out I have more than 1 computer connected, and then start asking me to pay more money > for extra IP addresses. Problem is that TCP SYN packets that go though my > NAT/pf box still have OS ambiguities. So my ISP can see that Windows, BSD, > and Linux TCP SYN packets are coming from my cable modem, therefore proving > that I have more than 1 machine, and that I need to be charged accordingly. > > Is there a way with pf to "wash" these ambiguities (window size, syn packet > size, etc) away so that all outgoing TCP packets look the same? Maybe even > set them to user-defined variables, as we already can with 'max-mss' > and 'min-ttl'? > > Thanks for your time. > Aaron > > Tell them that you have several operating systems, and you run them simultaneously under vmware. :) :) :) --nd
