Hi
Does anyone know how to log a DNAT/SNAT connection? When logging a NAT connection you also want to know the origin source/destination/port of that packet. Is that possible?
Sure. The easiest way to do it is to add a matching log rule just before the nat rule:
iptables -t nat -A POSTROUTING -o $Net_Interface -j LOG --log-prefix "SNAT: "
iptables -t nat -A POSTROUTING -o $Net_Interface -j SNAT --to $Net_IP
Jeff
