Date: Wed, 15 May 2013 21:52:31 -0400 (EDT) From: Daniel Eischen <eischen@vigrid.com> To: freebsd-hackers@freebsd.org Subject: Re: Logging natd translations Message-ID: <Pine.GSO.4.64.1305152145320.13653@sea.ntplx.net> In-Reply-To: <Pine.GSO.4.64.1305151718500.12542@sea.ntplx.net> References: <Pine.GSO.4.64.1305151718500.12542@sea.ntplx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 15 May 2013, Daniel Eischen wrote: > We need to log all translations from internal IP addresses to > external addresses. It's good enough to have IPv4 to Ipv4 > translations for TCP streams, just one log for the start of > each stream. > > We're using FreeBSD-9.1-stable and IPFW with userland natd. > The -log option of natd just seems to log statistics, not > any translation information. I can't see any easy way to > do this with ipfw's rule log option either. > > Any ideas? To answer my own question, it looks like I can add an ipfw rule such as: divert natd log tcp from INSIDE_NET to any OUTSIDE_NET setup and that basically gives me what I want. -- DE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.64.1305152145320.13653>