Hello,
I've been using pflow in a non-NAT environment (btw, thanks for both the pf
support and the other OS softflowd), but now I'd like to use it in a NAT
configuration.
Is there a particular way pflow needs to be configured to see which of the
NAT'ed hosts are talking to which external
You need to place the pflow directive on rules on the inside interface
not on the outside interface to see RFC1918 addresses.
Rules on the outside interface are processed 'post' nat..
NB; 'keep state' is the default, so you don't need to define this
unless you are explicitly setting something
You want revision 1.30 of if_pflow.c
export the original aka untranslated address in pflow
ok florian@ henning@
~ http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/if_pflow.c#rev1.30
(and by that I don't mean you should backport it to 5.2, upgrading to
5.4 will be much easier - alot has
Awesome, didn't know this had been done :)
On Thu 23 Jan 2014 09:29:38 GMT, Florian Obser wrote:
You want revision 1.30 of if_pflow.c
export the original aka untranslated address in pflow
ok florian@ henning@
~ http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/if_pflow.c#rev1.30
(and
On Thu, Jan 23, 2014 at 09:29:38AM +, Florian Obser wrote:
You want revision 1.30 of if_pflow.c
export the original aka untranslated address in pflow
ok florian@ henning@
~ http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/if_pflow.c#rev1.30
(and by that I don't mean you should
5 matches
Mail list logo
