Hi Jason, Is there a way to log it for sucurity reasons. Thanks, Wennie ----- Original Message ----- From: "Jason Opperisano" <opie@xxxxxxxxxxx> To: <netfilter@xxxxxxxxxxxxxxxxxxx> Sent: Thursday, June 23, 2005 5:20 PM Subject: Re: SNAT or SAME logging > On Thu, Jun 23, 2005 at 08:13:43AM +0300, Wennie V. Lagmay wrote: > > Hi all, > > > > Im using Iptables (SAME) to translate my private IP address to Public IP > > address, I just want to know how can I monitor and log which Public IP > > address is used by a specific private IP address. > > > > Example: > > > > -A POSTROUTING -s 192.168.10.0/255.255.255.0 -j SAME --nodst --to > > 212.xxx.xxx.113-212.xxx.xxx.114 > > -A POSTROUTING -s 192.168.11.0/255.255.255.0 -j SAME --nodst --to > > 212.xxx.xxx.115-212.xxx.xxx.116 > > > > On the example above private IP block 192.168.10.0/24 was map to used > > 212.xxx.xxx.113 to 212.xxx.xxx.114. How can I idenfify lets say > > 192.168.10.10/24 is using xxx.113 or xxx.114 at any given time. > > grep $SRCIP /proc/net/ip_conntrack > > the last dst= is the SNAT IP. > > -j > > -- > "Stewie: What the hell is this? > Lois: Stewie that's tuna salad. > Stewie: Really? I could have sworn it was cat food." > --Family Guy > >
