Kernel_Killer
March 13th, 2004, 23:37
How can you redirect packets to go to the domain that someone is trying to access? I've tried this with no avail.

rdr on $ex proto tcp from any to www.site1.com port 80 -> $http1 port 80
rdr on $ex proto tcp from any to www.site2.com port 80 -> $http2 port 80

Of course, all this did was make any connection to either site rotate as to what site was accessed. Is there a way this can be done? Should I be looking at the NAT instead?

elmore
March 13th, 2004, 23:55
can't you do this with binat

Kernel_Killer
March 14th, 2004, 02:17
Something new to me. I'll check it out. Thanx elmore. :)

Kernel_Killer
March 14th, 2004, 06:15
Well, the only reference I'm finding with binat, shows multiple servers with multiple IPs. I need to bind them both with one IP. Any ideas, or docs that could be pointed out?

Strog
March 15th, 2004, 00:55
Yeah, binat maps one IP to another so it's not going to accomplish what you are looking for.

I've thought about the solution to this for a while off and on now and I'm surprised that no one has coded it up yet. Your firewall would have to look at the HTTP 1.1 headers for the target and filter based on that. It seems some sort of proxy could handle this without a terrible amount of overhead (sure there's overhead with this). I know some people use Squid to proxy in front of webservers and you could probably find a way to make it do what you want. If you are trying to load balance the same content on multiple machines then you could use an address pool in PF to handle that.

Another alternative is to use Apache's proxy and rewrite module. You'd have to set up one of the machines as the master to proxy the others through. I read a little mini-howto over on ntop's website the other day (http://www.ntop.org/UsageNotes.html).
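The point Strog makes above is that the decision has to be taken on the HTTP/1.1 Host header, which pf's rdr never sees; that is exactly what a name-based reverse proxy does. Below is a minimal Host-header dispatcher in Python, added here as an illustration and not code from the thread or from any poster; the backend table (www.site1.com and www.site2.com mapped to made-up internal addresses) is assumed.

```python
"""Host-header dispatcher: the Layer-7 decision that pf's rdr cannot make.

Constructed example for this thread. The backend addresses below are
made up; replace them with the real internal web servers.
"""
import http.client
from http.server import BaseHTTPRequestHandler, HTTPServer

# Hypothetical mapping from virtual-host name to the internal web server.
BACKENDS = {
    "www.site1.com": ("192.0.2.10", 80),
    "www.site2.com": ("192.0.2.20", 80),
}


def select_backend(host_header, backends=BACKENDS):
    """Return (ip, port) for the Host header, or None if it is unknown.

    HTTP/1.1 allows "Host: name:port"; port and letter case are ignored,
    so "WWW.Site1.com:8080" still routes to site1.
    """
    if not host_header:
        return None
    name = host_header.split(":", 1)[0].strip().lower()
    return backends.get(name)


class HostDispatcher(BaseHTTPRequestHandler):
    """Forward each request to the backend chosen by its Host header."""

    def do_GET(self):
        target = select_backend(self.headers.get("Host"))
        if target is None:
            # No virtual host matched: refuse instead of picking one at random,
            # which is what the rotating rdr rules in the first post ended up doing.
            self.send_error(421, "Unknown Host")
            return
        conn = http.client.HTTPConnection(*target, timeout=10)
        conn.request("GET", self.path, headers=dict(self.headers))
        resp = conn.getresponse()
        body = resp.read()  # whole body read, so we re-frame it with Content-Length
        self.send_response(resp.status)
        for key, value in resp.getheaders():
            if key.lower() not in ("transfer-encoding", "connection", "content-length"):
                self.send_header(key, value)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)


if __name__ == "__main__":
    HTTPServer(("0.0.0.0", 80), HostDispatcher).serve_forever()
```

Run it on the external address that the rdr rules used to point at, and both names resolve to that one IP while the Host header picks the server.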