From nobody Wed Dec  1 13:23:18 2021
X-Original-To: freebsd-pf@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 3381518AB283
	for <freebsd-pf@mlmmj.nyi.freebsd.org>; Wed,  1 Dec 2021 13:23:30 +0000 (UTC)
	(envelope-from ozkan.kirik@gmail.com)
Received: from mail-ua1-x935.google.com (mail-ua1-x935.google.com [IPv6:2607:f8b0:4864:20::935])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4J40CQ0pm0z4RKh
	for <freebsd-pf@freebsd.org>; Wed,  1 Dec 2021 13:23:30 +0000 (UTC)
	(envelope-from ozkan.kirik@gmail.com)
Received: by mail-ua1-x935.google.com with SMTP id y5so48893652ual.7
        for <freebsd-pf@freebsd.org>; Wed, 01 Dec 2021 05:23:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc:content-transfer-encoding;
        bh=OVTlO5Axvn4m/AVBB25JnR6Sc3nhaIuNk4X588hfxck=;
        b=XOoBTgfmZxrEiUIjYcOmag8QKL7FyOp6Z9J1TaXAoWve36VIXtC6iGtyF8GNaO3a/8
         sPj8Gny0wutv1jNk3WXEDNLWhJCUH7NI+DK9KSv42v3nqx8cPanpZgbxAbSD/pALs8F/
         4aRfcSleVHIywfl5fzkTXApM73/ztfPtUPVR18P7ZgdQphBXOYG67w0EOs8yJ/RnvgK1
         gBBY0DhyXUcH6r1GEL6tILT6DPVFyUnvnSa1zMZGDxjryA1ADIduIDJbca+jACL7Ij8b
         b2el5HA5ph/9fI95xk1pT982AVQjJp3SInbqU/ylgpDLjlOv/sl/DslaS1fIhgHR4+P0
         LRuA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc:content-transfer-encoding;
        bh=OVTlO5Axvn4m/AVBB25JnR6Sc3nhaIuNk4X588hfxck=;
        b=bzrrpN4NVq/n7/oW9+MCcTcp1BAbiBfvrmt6FBt+cSkAZeDvWQ+/Ja8Fh2HU0ciMs8
         1gS8tmGAuoXcoitqnvgW1DkehxUbTYGB3wpSwmHjtSokXuPM12UgVuDXCVOxAk/rqKpz
         JCdCVmrIn6WcqPwaleVSEfRqsNlxDQF/pdp/b4Ee74VWqO2JWNvNyziAqnPUJA2ktPph
         b3IgWMqP+f2QlBM6UAJIc2Aq5AXu6K6aahAnu8xQsUz4aqmtKqIx0ky6ct+aAyW8sTtt
         nBdqqTvJPfI3e59as4XcVBY3Vn4SjTQ2hgPyRTQ8I5pOofFcOXa9ZaQm+twq7PYvqMaH
         ALSw==
X-Gm-Message-State: AOAM532PbfRlHpyMrZfNJjPRFUo/7vyy9bg3ME+7MXae4XfoOwUcrT+m
	uEGdlP5muuvW49rdb7/1ib03ffzdgnKju/8qpTKr9V5ZnTo=
X-Google-Smtp-Source: ABdhPJwF0vb+Mxf28jPBpevMkcicTW5iNt/1rLTDbw+p6z6BLSKAtinmK5StCupUBhdeQEB/7f+srUONifcAnQtCLTk=
X-Received: by 2002:ab0:6eca:: with SMTP id c10mr7766093uav.118.1638365009637;
 Wed, 01 Dec 2021 05:23:29 -0800 (PST)
List-Id: Technical discussion and general questions about packet filter (pf) <freebsd-pf.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-pf
List-Help: <mailto:pf+help@freebsd.org>
List-Post: <mailto:pf@freebsd.org>
List-Subscribe: <mailto:pf+subscribe@freebsd.org>
List-Unsubscribe: <mailto:pf+unsubscribe@freebsd.org>
Sender: owner-freebsd-pf@freebsd.org
X-BeenThere: freebsd-pf@freebsd.org
MIME-Version: 1.0
References: <CAAcX-AEJ-gc-FWdx_zKS7n8_=n7V98w2Sahvsvu9XLozZP949g@mail.gmail.com>
 <C3DF6003-A39A-4C23-9AC5-076D44FC2404@lastsummer.de>
In-Reply-To: <C3DF6003-A39A-4C23-9AC5-076D44FC2404@lastsummer.de>
From: =?UTF-8?B?w5Z6a2FuIEtJUklL?= <ozkan.kirik@gmail.com>
Date: Wed, 1 Dec 2021 16:23:18 +0300
Message-ID: <CAAcX-AHdUU47s3E4fitCxCWZ+hfDfi3fPjGq+5sQ7Ff859dKCA@mail.gmail.com>
Subject: Re: Logging NAT translations and correlating nat & rule logs
To: Franco Fichtner <franco@lastsummer.de>
Cc: freebsd-pf@freebsd.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Rspamd-Queue-Id: 4J40CQ0pm0z4RKh
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
	none
X-Spamd-Result: default: False [-4.00 / 15.00];
	 REPLY(-4.00)[];
	 TAGGED_FROM(0.00)[]
X-ThisMailContainsUnwantedMimeParts: N

Thank you Franco, I'll test it

On Wed, Dec 1, 2021 at 4:10 PM Franco Fichtner <franco@lastsummer.de> wrote=
:
>
> Hi =C3=96zkan,
>
> > On 28. Nov 2021, at 8:06 PM, =C3=96zkan KIRIK <ozkan.kirik@gmail.com> w=
rote:
> >
> > I'm trying to log NAT, BINAT, RDR translations. But the "nat log on
> > ...." statement only logs the packets after translation is done. So
> > the information before translation is lost.
> > Is there a way to log the translation details ?
>
> https://github.com/freebsd/freebsd-src/commit/8e496ea1df1 was introduced
> to address this but has not been moved to stable/12 or stable/13.
>
> I see there is some controversy around patches that made it to stable
> for less so I'd probably advocate to add this patch as well since it
> solves a longterm issue with NAT logging visibility.
>
>
> Cheers,
> Franco