Date:      Thu, 20 Oct 2022 09:13:24 +0200
From:      Guy Brand <gb@unistra.fr>
To:        pf@freebsd.org
Subject:   Re: logging NAT sessions (connection tracking)
Message-ID:  <Y1D1FPs3Z/tgc9cn@unistra.fr>
In-Reply-To: <bcf956ba-5024-3f3d-2142-c63208d55c27@comcast.net>
References:  <bcf956ba-5024-3f3d-2142-c63208d55c27@comcast.net>

On Oct 11, 2022 at 10:53 -0700, fddi wrote:

Hello,

> I found no obvious or easy way to log NAT sessions.
> I have a bunch of NAT boxes implemented with FreeBSD 13.1 and PF.
> I need to log NAT sessions but so far I still have to figure out a good way
> to do it.
> 
> I ended up using this:
> https://github.com/italovalcy/pfnattrack
> 
> but I am not sure it is working well. It does not seem to be "real time"
> and logs are delayed.
> 
> Any way I could do something similar with pflog?
> Does anybody have a working solution for NAT session logging?

We've been using pfnattrack, slightly modified, for several years now
and it does the job. It's deployed to log NAT sessions on our campus
wifi infrastructure with thousands of clients connecting every day.
I can share our modifications here if there is an interest.

We did not find anything else that would do the job (pflog based or
not).

Regards

-- 
        Guy



