Hi Fatemeh,
On 11 Jun 2018, at 7:51, Fatemeh Mehdizadeh wrote:
Hi all,
I'm using pf to create nat. I'm on FreeBSD9.2.
Note that FreeBSD 9.2 is not a supported version. It went out of support
at the end of 2014.
(See https://www.freebsd.org/security/unsupported.html)
I would strongly recommend upgrading to a supported version:
https://www.freebsd.org/security/security.html#sup
I want enable logs for
nat translations, so
in pf.cpnf:
table { 20.20.20.2,20.20.20.3,20.20.20.4,20.20.20.5 }
nat log on 'eth0' from { 10.10.10.0/24} to any ->
round-robin sticky-address
After ping request I have a log:
# tcpdump -t -r pflog
IP 20.20.20.3 > 20.20.20.1: ICMP echo request, id 4147, seq 0, length
64
pflog logs the entire packet (with a pf-specific header with information
about the matched rules), so you can parse whatever information you want
out of that.
The problem is that I want my log shows the source port and
destination port and NOT show id, seq and length.
You may get enough information by simply telling tcpdump to be more
verbose:
# tcpdump -t -v -r pflog
(Repeat the ā-vā flag for even more information.)
Regards,
Kristof
___
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
