On Thu, 16 May 2013, Julian Elischer wrote:

On 5/15/13 9:52 PM, Daniel Eischen wrote:
On Wed, 15 May 2013, Daniel Eischen wrote:

We need to log all translations from internal IP addresses to
external addresses.  It's good enough to have IPv4 to IPv4
translations for TCP streams, just one log for the start of
each stream.

We're using FreeBSD-9.1-stable and IPFW with userland natd.
The -log option of natd just seems to log statistics, not
any translation information.  I can't see any easy way to
do this with ipfw's rule log option either.

Any ideas?

To answer my own question, it looks like I can add an ipfw
rule such as:

  divert natd log tcp from INSIDE_NET to any OUTSIDE_NET setup

and that basically gives me what I want.

Why not turn on the logging on natd?

I think it has an option for logging new sessions..

I tried the -log option to natd, but it just logged statistics,
not new connection information.  natd(8) doesn't show any other
useful options.  When I did try natd -log, that was under an
older version of FreeBSD (6.x?), but we just upgraded the system
to 9-stable and I didn't try it again.

--
DE
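
Added example, not part of the original thread: a small sh/awk filter that turns the syslog entries written by an ipfw `divert ... log ... setup` rule like the one above into one CSV record per new outbound TCP stream. The rule number 500, divert port 8668, host name, interface and the sample log lines are constructed assumptions. ipfw writes the entry when the packet matches the rule, before natd rewrites it, so each record carries the internal source and the destination, not the external address or port natd selects.

```shell
#!/bin/sh
# Assumes net.inet.ip.fw.verbose=1 so that ipfw "log" entries reach syslog.

# Constructed sample of syslog lines (not real traffic).
sample_log() {
cat <<'EOF'
May 16 10:00:01 gw kernel: ipfw: 500 Divert 8668 TCP 192.168.1.10:51515 203.0.113.20:443 out via em0
May 16 10:00:02 gw kernel: ipfw: 500 Divert 8668 TCP 192.168.1.11:40022 198.51.100.7:80 out via em0
May 16 10:00:03 gw kernel: ipfw: 65000 Deny UDP 192.168.1.12:53 198.51.100.9:53 in via em1
May 16 10:00:04 gw last message repeated 2 times
May 16 10:00:05 gw kernel: ipfw: 500 Divert 8668 TCP 192.168.1.10:51516 203.0.113.20:443 out via em0
May 16 10:00:06 gw kernel: ipfw: 500 Divert 8668 TCP 192.168.1.10
EOF
}

# nat_flows RULENUM
# Reads syslog lines on stdin and prints, for every outbound TCP packet
# logged by divert rule RULENUM:
#   timestamp,src_ip,src_port,dst_ip,dst_port,interface
nat_flows() {
    awk -v rule="$1" '
    {
        # Find the "ipfw:" tag; the fields after it are positional.
        for (i = 1; i <= NF; i++) if ($i == "ipfw:") break
        if (i > NF) next                          # not an ipfw entry
        if ($(i+1) != rule) next                  # a different rule
        if ($(i+2) != "Divert" || $(i+4) != "TCP") next
        if ($(i+7) != "out") next                 # outbound only
        ns = split($(i+5), s, ":")                # internal addr:port
        nd = split($(i+6), d, ":")                # destination addr:port
        if (ns != 2 || nd != 2) next              # truncated or malformed
        printf "%s %s %s,%s,%s,%s,%s,%s\n", $1, $2, $3, s[1], s[2], d[1], d[2], $(i+9)
    }'
}

# Stand-alone run over the constructed sample.
sample_log | nat_flows 500
```

On a live system the input would be the file that syslog.conf routes security messages to; "last message repeated" lines carry no addresses and are skipped.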