* Stuart Henderson <[email protected]> [2014-10-05 22:49]: > Normal PF logging isn't particularly well-suited to CGNAT-type requirements, > in order to record both the internal address and the nat mapping you need > to log both the inbound and outbound packets and piece it together from the > two separate log entries.
nope, pflog has both the original and the rewritten address(es). -- Henning Brauer, [email protected], [email protected] BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS. Virtual & Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
