Date: Wed, 1 Dec 2021 14:10:35 +0100 From: Franco Fichtner <franco@lastsummer.de> To: =?utf-8?Q?=C3=96zkan_KIRIK?= <ozkan.kirik@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: Logging NAT translations and correlating nat & rule logs Message-ID: <C3DF6003-A39A-4C23-9AC5-076D44FC2404@lastsummer.de> In-Reply-To: <CAAcX-AEJ-gc-FWdx_zKS7n8_=n7V98w2Sahvsvu9XLozZP949g@mail.gmail.com> References: <CAAcX-AEJ-gc-FWdx_zKS7n8_=n7V98w2Sahvsvu9XLozZP949g@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi =C3=96zkan, > On 28. Nov 2021, at 8:06 PM, =C3=96zkan KIRIK <ozkan.kirik@gmail.com> = wrote: >=20 > I'm trying to log NAT, BINAT, RDR translations. But the "nat log on > ...." statement only logs the packets after translation is done. So > the information before translation is lost. > Is there a way to log the translation details ? https://github.com/freebsd/freebsd-src/commit/8e496ea1df1 was introduced to address this but has not been moved to stable/12 or stable/13. I see there is some controversy around patches that made it to stable for less so I'd probably advocate to add this patch as well since it solves a longterm issue with NAT logging visibility. Cheers, Franco
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C3DF6003-A39A-4C23-9AC5-076D44FC2404>