Date: Mon, 11 Jun 2018 18:23:33 -0400 From: "Kristof Provost" <kristof@sigsegv.be> To: "Fatemeh Mehdizadeh" <mehdizadeh.fatemeh@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: pf nat log does not show source and destination port Message-ID: <8F0561C0-67A6-4479-8F0D-72A038CC1280@sigsegv.be> In-Reply-To: <CAJjCBpOSf6NkB=3rN-E3wf1vi63gx1ehVqNrpKU0n3XupsUozA@mail.gmail.com> References: <CAJjCBpOSf6NkB=3rN-E3wf1vi63gx1ehVqNrpKU0n3XupsUozA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Fatemeh, On 11 Jun 2018, at 7:51, Fatemeh Mehdizadeh wrote: > Hi all, > I'm using pf to create nat. I'm on FreeBSD9.2. Note that FreeBSD 9.2 is not a supported version. It went out of support at the end of 2014. (See https://www.freebsd.org/security/unsupported.html) I would strongly recommend upgrading to a supported version: https://www.freebsd.org/security/security.html#sup > I want enable logs for > nat translations, so > in pf.cpnf: > > table <mytable> { 20.20.20.2,20.20.20.3,20.20.20.4,20.20.20.5 } > nat log on 'eth0' from { 10.10.10.0/24} to any -> <mytable> > round-robin sticky-address > > After ping request I have a log: > # tcpdump -t -r pflog > IP 20.20.20.3 > 20.20.20.1: ICMP echo request, id 4147, seq 0, length > 64 > pflog logs the entire packet (with a pf-specific header with information about the matched rules), so you can parse whatever information you want out of that. > The problem is that I want my log shows the source port and > destination port and NOT show id, seq and length. > You may get enough information by simply telling tcpdump to be more verbose: # tcpdump -t -v -r pflog (Repeat the ā-vā flag for even more information.) Regards, Kristof
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8F0561C0-67A6-4479-8F0D-72A038CC1280>