* SNAT or SAME logging
@ 2005-06-23 5:13 Wennie V. Lagmay
2005-06-23 14:20 ` Jason Opperisano
0 siblings, 1 reply; 3+ messages in thread
From: Wennie V. Lagmay @ 2005-06-23 5:13 UTC (permalink / raw)
To: netfilter
Hi all,
Im using Iptables (SAME) to translate my private IP address to Public IP
address, I just want to know how can I monitor and log which Public IP
address is used by a specific private IP address.
Example:
-A POSTROUTING -s 192.168.10.0/255.255.255.0 -j SAME --nodst --to
212.xxx.xxx.113-212.xxx.xxx.114
-A POSTROUTING -s 192.168.11.0/255.255.255.0 -j SAME --nodst --to
212.xxx.xxx.115-212.xxx.xxx.116
On the example above private IP block 192.168.10.0/24 was map to used
212.xxx.xxx.113 to 212.xxx.xxx.114. How can I idenfify lets say
192.168.10.10/24 is using xxx.113 or xxx.114 at any given time.
Thank you very much,
Wennie
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: SNAT or SAME logging
2005-06-23 5:13 SNAT or SAME logging Wennie V. Lagmay
@ 2005-06-23 14:20 ` Jason Opperisano
2005-06-23 17:27 ` Wennie V. Lagmay
0 siblings, 1 reply; 3+ messages in thread
From: Jason Opperisano @ 2005-06-23 14:20 UTC (permalink / raw)
To: netfilter
On Thu, Jun 23, 2005 at 08:13:43AM +0300, Wennie V. Lagmay wrote:
> Hi all,
>
> Im using Iptables (SAME) to translate my private IP address to Public IP
> address, I just want to know how can I monitor and log which Public IP
> address is used by a specific private IP address.
>
> Example:
>
> -A POSTROUTING -s 192.168.10.0/255.255.255.0 -j SAME --nodst --to
> 212.xxx.xxx.113-212.xxx.xxx.114
> -A POSTROUTING -s 192.168.11.0/255.255.255.0 -j SAME --nodst --to
> 212.xxx.xxx.115-212.xxx.xxx.116
>
> On the example above private IP block 192.168.10.0/24 was map to used
> 212.xxx.xxx.113 to 212.xxx.xxx.114. How can I idenfify lets say
> 192.168.10.10/24 is using xxx.113 or xxx.114 at any given time.
grep $SRCIP /proc/net/ip_conntrack
the last dst= is the SNAT IP.
-j
--
"Stewie: What the hell is this?
Lois: Stewie that's tuna salad.
Stewie: Really? I could have sworn it was cat food."
--Family Guy
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: SNAT or SAME logging
2005-06-23 14:20 ` Jason Opperisano
@ 2005-06-23 17:27 ` Wennie V. Lagmay
0 siblings, 0 replies; 3+ messages in thread
From: Wennie V. Lagmay @ 2005-06-23 17:27 UTC (permalink / raw)
To: Jason Opperisano, netfilter
Hi Jason,
Is there a way to log it for sucurity reasons.
Thanks,
Wennie
----- Original Message -----
From: "Jason Opperisano" <opie@817west.com>
To: <netfilter@lists.netfilter.org>
Sent: Thursday, June 23, 2005 5:20 PM
Subject: Re: SNAT or SAME logging
> On Thu, Jun 23, 2005 at 08:13:43AM +0300, Wennie V. Lagmay wrote:
> > Hi all,
> >
> > Im using Iptables (SAME) to translate my private IP address to Public IP
> > address, I just want to know how can I monitor and log which Public IP
> > address is used by a specific private IP address.
> >
> > Example:
> >
> > -A POSTROUTING -s 192.168.10.0/255.255.255.0 -j SAME --nodst --to
> > 212.xxx.xxx.113-212.xxx.xxx.114
> > -A POSTROUTING -s 192.168.11.0/255.255.255.0 -j SAME --nodst --to
> > 212.xxx.xxx.115-212.xxx.xxx.116
> >
> > On the example above private IP block 192.168.10.0/24 was map to used
> > 212.xxx.xxx.113 to 212.xxx.xxx.114. How can I idenfify lets say
> > 192.168.10.10/24 is using xxx.113 or xxx.114 at any given time.
>
> grep $SRCIP /proc/net/ip_conntrack
>
> the last dst= is the SNAT IP.
>
> -j
>
> --
> "Stewie: What the hell is this?
> Lois: Stewie that's tuna salad.
> Stewie: Really? I could have sworn it was cat food."
> --Family Guy
>
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2005-06-23 17:27 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-06-23 5:13 SNAT or SAME logging Wennie V. Lagmay
2005-06-23 14:20 ` Jason Opperisano
2005-06-23 17:27 ` Wennie V. Lagmay
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.