Logging natd translations

Daniel Eischen eischen at vigrid.com
Thu May 16 01:52:33 UTC 2013


On Wed, 15 May 2013, Daniel Eischen wrote:

> We need to log all translations from internal IP addresses to
> external addresses.  It's good enough to have IPv4 to IPv4
> translations for TCP streams, just one log for the start of
> each stream.
>
> We're using FreeBSD-9.1-stable and IPFW with userland natd.
> The -log option of natd just seems to log statistics, not
> any translation information.  I can't see any easy way to
> do this with ipfw's rule log option either.
>
> Any ideas?

To answer my own question, it looks like I can add an ipfw
rule such as:

   divert natd log tcp from INSIDE_NET to any OUTSIDE_NET setup

and that basically gives me what I want.

-- 
DE
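
Added example, not part of the original message: a Python sketch that turns the lines logged by a rule like the one above into one record per TCP stream start. The log line layout, rule number 500, host name, interface and addresses are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Assumed syslog layout for a logged ipfw divert rule:
#   <ts> <host> kernel: ipfw: <rule> Divert <port> TCP <src>:<sp> <dst>:<dp> <dir> via <if>
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s+\S+\s+kernel:\s+ipfw:\s+"
    r"(?P<rule>\d+)\s+Divert\s+\d+\s+TCP\s+"
    r"(?P<src>\d+\.\d+\.\d+\.\d+):(?P<sport>\d+)\s+"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+):(?P<dport>\d+)\s+"
    r"(?P<dir>in|out)\s+via\s+(?P<iface>\S+)"
)

# Constructed sample input; none of these lines come from a real system.
SAMPLE = """\
May 16 01:50:00 gw kernel: ipfw: 500 Divert 8668 TCP 192.168.1.10:51234 198.51.100.7:80 out via em0
May 16 01:50:03 gw kernel: ipfw: 500 Divert 8668 TCP 192.168.1.10:51234 198.51.100.7:80 out via em0
May 16 01:50:05 gw kernel: ipfw: 500 Divert 8668 TCP 192.168.1.22:40000 203.0.113.9:443 out via em0
May 16 01:50:06 gw kernel: ipfw: 600 Deny TCP 203.0.113.50:4444 192.168.1.10:22 in via em0
May 16 01:50:07 gw kernel: ipfw: limit 100 reached on entry 500
May 16 01:59:00 gw kernel: ipfw: 500 Divert 8668 TCP 192.168.1.10:51234 198.51.100.7:80 out via em0
""".splitlines()


def stream_starts(lines, rule, year, window=timedelta(seconds=60)):
    """Return one record per outbound TCP stream start logged by `rule`.

    A retransmitted SYN matches `setup` again, so a repeat of the same
    4-tuple within `window` is folded into the earlier record. Syslog
    timestamps carry no year, so the caller supplies it.
    """
    last_seen, records = {}, []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or int(m["rule"]) != rule or m["dir"] != "out":
            continue  # other rules, other actions, ipfw housekeeping lines
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        key = (m["src"], int(m["sport"]), m["dst"], int(m["dport"]))
        prev, last_seen[key] = last_seen.get(key), ts
        if prev is not None and ts - prev <= window:
            continue  # SYN retransmission of a stream already recorded
        records.append({"time": ts, "src": key[0], "sport": key[1],
                        "dst": key[2], "dport": key[3], "iface": m["iface"]})
    return records


if __name__ == "__main__":
    for r in stream_starts(SAMPLE, rule=500, year=2013):
        print(r["time"].isoformat(), f'{r["src"]}:{r["sport"]}',
              "->", f'{r["dst"]}:{r["dport"]}', "via", r["iface"])
```

The rule logs the packet as it is handed to natd, so each record carries the internal source and the destination, not the alias address or port that natd then assigns.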


More information about the freebsd-hackers mailing list