* Stuart Henderson <s...@spacehopper.org> [2014-10-05 22:49]: > Normal PF logging isn't particularly well-suited to CGNAT-type requirements, > in order to record both the internal address and the nat mapping you need > to log both the inbound and outbound packets and piece it together from the > two separate log entries.
nope, pflog has both the original and the rewritten address(es). -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS. Virtual & Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/