All of lore.kernel.org
 help / color / mirror / Atom feed
From: Philip Craig <philipc@snapgear.com>
To: Jonathan Gazeley <jonathan.gazeley@bristol.ac.uk>
Cc: netfilter@vger.kernel.org
Subject: Re: iptables NAT logging
Date: Mon, 05 Nov 2007 10:43:26 +1000	[thread overview]
Message-ID: <472E672E.7010508@snapgear.com> (raw)
In-Reply-To: <472AE429.1060906@bristol.ac.uk>

Jonathan Gazeley wrote:
> My NAT solution is implemented in iptables and works fine. The logging 
> partially works but the problem is this: I am logging pre NAT, and my 
> log shows the internal IP and port, and the destination IP and its port. 
> But it does not show the port used by the NAT box to talk to the 
> external IP. Logging post NAT would never detect any packets. If I was 
> able to long pre and post NAT I would be able to log all the information 
> I need.

conntrack netlink events have the information you want.  Look at either
ulogd2 flow logging, or the conntrack tool with the -E option.


      parent reply	other threads:[~2007-11-05  0:43 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-11-02  8:47 iptables NAT logging Jonathan Gazeley
2007-11-02  9:33 ` G.W. Haywood
2007-11-02  9:36 ` Martijn Lievaart
2007-11-02 14:59 ` Grant Taylor
2007-11-04  1:46   ` 李伟华
2007-11-06 16:38   ` Jonathan Gazeley
2007-11-06 18:07     ` Grant Taylor
2007-11-07  0:53       ` Philip Craig
2007-11-07  2:29         ` Grant Taylor
2007-11-07  3:01           ` Philip Craig
2007-11-07  3:06             ` Grant Taylor
2007-11-05  0:43 ` Philip Craig [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=472E672E.7010508@snapgear.com \
    --to=philipc@snapgear.com \
    --cc=jonathan.gazeley@bristol.ac.uk \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.