Date: Mon, 09 Jul 2007 18:47:13 +0100 From: Daniel Bye <dan@slightlystrange.org> To: chamnan chaladpat <nanku_@hotmail.com> Cc: freebsd-questions@FreeBSD.org Subject: Re: I need to create PF (NAT) log file. Message-ID: <469274A1.3080208@slightlystrange.org> In-Reply-To: <BAY102-F12C34A5933703419397B4FEF060@phx.gbl> References: <BAY102-F12C34A5933703419397B4FEF060@phx.gbl>
next in thread | previous in thread | raw e-mail | index | archive | help
chamnan chaladpat wrote: > About Network Address Translation. > > I need to create PF log file that has external and local IP address > mapping. > > I need log file that has result like pfctl -ss command. > > How to create it? >From a bit of googling in the archives, I think the easiest way to do this is using packet tags: nat on $ext_if from !($ext_if) to any tag NAT_TRAFFIC -> ($ext_if) pass log on $ext_if tagged NAT_TRAFFIC keep state Note I have only done very cursory testing, but it seems to work. You can follow the logs in the normal way, using tcpdump(1). HTH Dan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?469274A1.3080208>