Date: Tue, 28 Dec 2021 13:29:04 +0300 From: =?UTF-8?B?w5Z6a2FuIEtJUklL?= <ozkan.kirik@gmail.com> To: Franco Fichtner <franco@lastsummer.de> Cc: freebsd-pf@freebsd.org Subject: Re: Logging NAT translations and correlating nat & rule logs Message-ID: <CAAcX-AEfgf1UCBw1di8E_xH1i98-ZG99jy2ZOu5ptj2H8tAJQg@mail.gmail.com> In-Reply-To: <5AB60713-21D3-4EFA-B054-2335DAB8FCC7@lastsummer.de> References: <CAAcX-AEJ-gc-FWdx_zKS7n8_=n7V98w2Sahvsvu9XLozZP949g@mail.gmail.com> <C3DF6003-A39A-4C23-9AC5-076D44FC2404@lastsummer.de> <CAAcX-AHdUU47s3E4fitCxCWZ%2BhfDfi3fPjGq%2B5sQ7Ff859dKCA@mail.gmail.com> <CAAcX-AEnDwo7ZMfKoEm1BG6OM-7_uNDyJWSmOqeKMa=WwMx9=A@mail.gmail.com> <CAAcX-AG-3myNw2FTWe=yXE%2Bcan%2BYe3mctbWfx86aMrGXFEvauw@mail.gmail.com> <5AB60713-21D3-4EFA-B054-2335DAB8FCC7@lastsummer.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Yes I confirmed that, there is no "rdr pass" rule within the ruleset. # pfctl -P -sn -a "nat-portForwarding" rdr log (to pflog3) on em0 inet proto tcp from <allowed_sources> to 172.16.33.10 port =3D 22 tag FWD_1 -> 192.168.33.1 port 22 # tcpdump -tttt -leqni pflog3 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on pflog3, link-type PFLOG (OpenBSD pflog file), capture size 262144 bytes 2021-12-28 13:28:02.362191 rule 0/0(match): rdr in on em0: 172.16.33.1.41368 > 172.16.33.10.22: tcp 0 thanks On Tue, Dec 28, 2021 at 1:18 PM Franco Fichtner <franco@lastsummer.de> wrot= e: > > > > On 28. Dec 2021, at 7:57 AM, =C3=96zkan KIRIK <ozkan.kirik@gmail.com> w= rote: > > > > And also, rule number and subrulenr information is missing. > > Have you tried to confirm that this wasn't already the case for > "rdr pass" combinations before? > > > Cheers, > Franco >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAAcX-AEfgf1UCBw1di8E_xH1i98-ZG99jy2ZOu5ptj2H8tAJQg>