Hi Piotr,
I hope you are doing well.
I am using
getfield
to access the IP address digits i.e. as follows:
when CLIENT_ACCEPTED {
snat 10.10.10.[expr ( [getfield [IP::client_addr] "." 4] % 32 ) + 1]
snat 10.10.[getfield [IP::client_addr] "." 3].[getfield [IP::client_addr] "." 4]
}
The second line would apply a SNAT address based on replacing the first three digits the original IP address by "10.10.10." and calculates the last digit by reading the last digit from the original client IP and applies a modulus of 32 + 1 (i.e. turns a 47 into 16 to vary the SNATs in a range of 10.10.10.1 to 10.10.10.32 and persist to this value as long as client IP doesnt change). (Make sure to use a virtual address space or have "real" SNATs configured to avoid ARP issues.)
The third line (commented) is using the original third and fourth digit of the original client IP to define a new SNAT. (Same ARP issues to expect as described above.)
Thanks, Stephan