Thanks to all who responded. I had already figured out that the pf nat logs were included in the general pflogs -- I should have made that clear but thanks to those who pointed it out anyway!
On Thu, 2005-04-28 at 09:10 -0500, Chris Green wrote: > > One of the things that I am considering is to not bother with the NAT > > logs at all but instead run Argus <www.qosient.com> on the inside > > interface of the firewall. > > That would be good enough for most cases. You might also have luck with > pfflowd logging to a netflow collector. > > Please post what your eventual solution will be :) I'll almost certainly go with Argus -- the alternatives are just too complicated with the exception of pfflowd is an acceptable alternative. I have just ordered a new box with a big disk to handle the logs. I am also considering writing a cgi script that will provide a simple query interface (for those who live in fear of command lines :) to access the argus logs. Cheers, Russell.
smime.p7s
Description: S/MIME cryptographic signature