Hi Jan,

On 14-09-2010 14:54, Jan Engelhardt wrote:
> On Tuesday 2010-09-14 19:24, Italo Valcy wrote:
>
>> Hi guys!
>>
>> I'm a newbie in this mailing list, so I'm sorry if this question was
>> already asked.
>>
>> I'd like to have more specific logging output of NAT translation in
>> iptables. Is there a way to log ORIGINAL_IP/ORIGINAL_PORT +
>> TRANSLATED_IP/TRANSLATED_PORT?
>
> conntrack -E

Thank you for the reply. Actually, I want something more simple and
specific than the command above. Using 'conntrack -E', I still have to
parse the package events NEW, UPDATE and DESTROY if I wanna know the of a
NAT, for example. Furthermore, with 'conntrack -E', in my opinion, we
have an important overhead of the output (it's so many messages to write
to stdout - or even redirect to a file)...

My idea is to write a NAT (or conntrack) helper (as a kernel module)
that monitors the DESTROY event of a DNAT and tries to find out when the
NEW event of the same connection was (maybe we have this information in
some struct..); then we write a log message (like the LOG target does)
which contains ip_src-orig/port_src-orig,
ip_src-translated/port_src-translated, ip_dst/port_dst, duration of the
NAT (a little bit similar to Cisco/ASA NAT logging..).

What do you think? Where can I find some documentation to read?

Thank you so much for any help!

--
Regards,
Italo Valcy :: http://wiki.dcc.ufba.br/~ItaloValcy
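
Added example (not from either poster): one way to do the NEW/DESTROY correlation described above in user space, over the event lines printed by `conntrack -E -o timestamp`. The sample lines are constructed with documentation addresses, and `nat_log` and its record fields are hypothetical names.

```python
import re

# Constructed sample lines in the layout of `conntrack -E -o timestamp` (documentation addresses).
SAMPLE = """\
[1284487200.100000]     [NEW] tcp      6 120 SYN_SENT src=10.0.0.5 dst=203.0.113.9 sport=40000 dport=80 [UNREPLIED] src=203.0.113.9 dst=198.51.100.1 sport=80 dport=61001
[1284487200.150000]  [UPDATE] tcp      6 60 SYN_RECV src=10.0.0.5 dst=203.0.113.9 sport=40000 dport=80 src=203.0.113.9 dst=198.51.100.1 sport=80 dport=61001
[1284487230.600000] [DESTROY] tcp      6 src=10.0.0.5 dst=203.0.113.9 sport=40000 dport=80 src=203.0.113.9 dst=198.51.100.1 sport=80 dport=61001 [ASSURED]
[1284487231.000000] [DESTROY] udp      17 src=10.0.0.7 dst=192.0.2.53 sport=5353 dport=53 src=192.0.2.53 dst=10.0.0.7 sport=53 dport=5353
[1284487240.000000] [DESTROY] tcp      6 src=10.0.0.8 dst=203.0.113.9 sport=40100 dport=443 src=203.0.113.9 dst=198.51.100.1 sport=443 dport=40100 [ASSURED]
"""

LINE = re.compile(r"^\[(\d+\.\d+)\]\s+\[(NEW|UPDATE|DESTROY)\]\s+(\w+)\s+\d+\s+(.*)$")
KV = re.compile(r"\b(src|dst|sport|dport)=(\S+)")

def nat_log(lines):
    """Return one record per destroyed NAT flow (nat_log is a hypothetical name)."""
    started, records = {}, []
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue
        ts, event, proto = float(m.group(1)), m.group(2), m.group(3)
        kv = KV.findall(m.group(4))
        if len(kv) < 8:          # e.g. ICMP: no ports, not handled here
            continue
        orig, reply = dict(kv[:4]), dict(kv[4:8])
        key = (proto, orig["src"], orig["sport"], orig["dst"], orig["dport"])
        if event == "NEW":
            started[key] = ts
        elif event == "DESTROY":
            t0 = started.pop(key, None)   # None: flow began before we started listening
            # With NAT, the reply tuple is no longer the mirror image of the original one.
            xlat_src = (reply["dst"], reply["dport"])   # differs from orig src under SNAT
            xlat_dst = (reply["src"], reply["sport"])   # differs from orig dst under DNAT
            if xlat_src == (orig["src"], orig["sport"]) and xlat_dst == (orig["dst"], orig["dport"]):
                continue                  # untranslated flow, nothing to log
            records.append({
                "proto": proto,
                "orig_src": f'{orig["src"]}:{orig["sport"]}', "xlat_src": ":".join(xlat_src),
                "orig_dst": f'{orig["dst"]}:{orig["dport"]}', "xlat_dst": ":".join(xlat_dst),
                "duration": None if t0 is None else round(ts - t0, 3),
            })
    return records

if __name__ == "__main__":
    for rec in nat_log(SAMPLE.splitlines()):
        print(rec)
```

Only DESTROY events of translated flows produce a record, so the output volume is one line per NAT session rather than one per conntrack event.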