From nobody Tue Jan 11 17:50:47 2022 X-Original-To: freebsd-pf@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id C695E1938387 for ; Tue, 11 Jan 2022 17:50:59 +0000 (UTC) (envelope-from ozkan.kirik@gmail.com) Received: from mail-ua1-x92c.google.com (mail-ua1-x92c.google.com [IPv6:2607:f8b0:4864:20::92c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JYJC70zGwz3sh2 for ; Tue, 11 Jan 2022 17:50:59 +0000 (UTC) (envelope-from ozkan.kirik@gmail.com) Received: by mail-ua1-x92c.google.com with SMTP id y4so13270uad.1 for ; Tue, 11 Jan 2022 09:50:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:from:date:message-id:subject:to; bh=PrIx4L/Zkyc2hrgTzdB2bOa3ZgP/zV5WNmdTXuk7a0c=; b=jEDG9wJXnw8wllOEhYzSyAiEgSccq8isZqhkYReRyzI7k9zN9cVVNA513fyBj2nAJ4 aIY98Aue3tHLosqHXIo+Q3cZ7y2S0E/Qx6ZxNwdDMRU4+idPKfK365fiscKNCA8Pkpd5 f9VQHiCyPcMcb6ZS3/uPxmkhsPf9gAc6+eHJqxzFWXjCeLdcHcGX7GRwsNEKD7MF8mmR E5+H/k7SZMB3cwUZl7guMEZXlgPCq2HmE40B82LhufcfgXmQcrHoc64WhaeonxYLqTwm SPf3pcBCrJuj2BhykY0RdvJsYjJdUxy94kRnIpBr3TAiWIbNGIJeUZW21KpEmHb82cd2 HzWQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=PrIx4L/Zkyc2hrgTzdB2bOa3ZgP/zV5WNmdTXuk7a0c=; b=AogFKHa1meUFKuL+bfoJbThze+rR8qB9ZyouEA7bsm/JZn1/2ejfv+pkG4kxnAU3lx oUrA+NLMmSDxsfZSsp16uncMAPUd3756ChtJqFjs9Aa3tkG6m4begy5YdvAuYw1ZG7fD GprIHcu9kCmRqnX5LBgn9DNg12X8pF+mYVFc+DtxRMGkFHzoeo/xuDcrXz9NUDpmjlpM GM/WkMPgtRV58x3jDCyEQFFHu+CAfnJfT2zSSYlo6P7ZpK2QO6n0nw1djXSdJRDI+3DZ 4y4etdB4dybVSMt4u1q8xfbfsFEvKNwecs4ddqPhQIfiPRta/KftRl2PbZ7I4bx2NTEF Xj4g== X-Gm-Message-State: AOAM533Vh0fgshEekS/38id1VAwSo7w8FdvmGmIzKroMZALltMmbw+gl gAUnXWAaMZAUHozgKDcpbIbJ5kyIo0iqjK6zCvtLxdhx45k= X-Google-Smtp-Source: ABdhPJwsfY497KScZsHasJwYmPBuZ35CZC4yAmIiDp9b2tMQgnxlD62rGeNXQpVEV8BtDQGQCFgWvoMrh8CqcbWyWNk= X-Received: by 2002:a9f:2d98:: with SMTP id v24mr2600197uaj.48.1641923458175; Tue, 11 Jan 2022 09:50:58 -0800 (PST) List-Id: Technical discussion and general questions about packet filter (pf) List-Archive: https://lists.freebsd.org/archives/freebsd-pf List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org MIME-Version: 1.0 From: =?UTF-8?B?w5Z6a2FuIEtJUklL?= Date: Tue, 11 Jan 2022 20:50:47 +0300 Message-ID: Subject: pflog: ruleset and subrulenr is missing for nat, rdr, binat To: freebsd-pf@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4JYJC70zGwz3sh2 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20210112 header.b=jEDG9wJX; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of ozkankirik@gmail.com designates 2607:f8b0:4864:20::92c as permitted sender) smtp.mailfrom=ozkankirik@gmail.com X-Spamd-Result: default: False [-2.10 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20210112]; NEURAL_HAM_MEDIUM(-0.00)[-0.001]; FROM_HAS_DN(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-pf@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.19)[-0.187]; MID_RHS_MATCH_FROMTLD(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::92c:from]; NEURAL_HAM_SHORT(-0.91)[-0.914]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim] X-ThisMailContainsUnwantedMimeParts: N Hi, I'm using FreeBSD stable/12-n234401-66d9cbc5d269: Mon Dec 27 23:27:28 +03 2021. The ruleset, subrulenr fields are not filled for nat, rdr, binat logs. The basic test is below: # pfctl -sn -a portFwd rdr log (to pflog3) on em0 inet proto tcp from any to 172.16.33.10 port = ssh -> 192.168.33.1 port 22 # tcpdump -leqni pflog3 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on pflog3, link-type PFLOG (OpenBSD pflog file), capture size 262144 bytes 20:40:24.622962 rule 0/0(match): rdr in on em0: 172.16.33.1.33670 > 172.16.33.10.22: tcp 0 # tshark -Tjson -ni pflog3 [Capturing on 'pflog3' ** (tshark:19497) 20:42:08.788099 [Main MESSAGE] -- Capture started. ** (tshark:19497) 20:42:08.788304 [Main MESSAGE] -- File: "/tmp/wireshark_pflog3HHKDF1.pcapng" ... "pflog": { "pflog.length": "69", "pflog.af": "2", "pflog.action": "8", "pflog.reason": "0", "pflog.ifname": "em0", "pflog.ruleset": "", "pflog.rulenr": "0", "pflog.subrulenr": "-1", "pflog.uid": "-1", "pflog.pid": "-1601830656", "pflog.rule_uid": "0", "pflog.rule_pid": "-1190985728", "pflog.dir": "1", "pflog.pad": "00:00:00" }, ... Is there any way to fill ruleset and subrulenr fields for nat, binat and rdr actions ? Regards Ozkan.