[rbak-nsp] (CG)NAT traffic log.
Piotr Łyczba
piotr at telesieci.pl
Mon Feb 15 19:08:39 EST 2016
I have to start using a NAT on SE100 but I have problem with loggin connections.
I have configuration like this:
(…)
nat logging-profile monitor
transport-protocol udp
export-version v9
source 10.32.0.90 port 9000
destination 10.32.0.10 context BGP port 9000
ip nat pool NATPOOL napt logging
logging-profile monitor context BGP
address X.X.X.97 to X.X.X.115
nat policy NAT_POLICY enhanced
! Default class
drop
icmp-notification
! Named classes
access-group NAT-ACL
class NAT1
pool NATPOOL BGP
admission-control tcp
endpoint-independent filtering tcp
endpoint-independent filtering udp
inbound-refresh udp
icmp-notification
(…)
I received packet on my server .10 but when I captured this using (I used nfdump/nfcapd software) I'm not able to read IP src, IP dst and other information. My output is similar to this:
Date flow start Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows
2016-01-25 20:22:37.000 0.000 0 0.0.0.0:0 -> 0.0.0.0:0 2.4 M 131072 1
2016-01-25 20:22:37.000 0.000 0 0.0.0.0:0 -> 0.0.0.0:0 2.4 M 65536 1
Is it possible to configure some open source collector to catch all information from this flow ?
--
Piotr Łyczba
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/redback-nsp/attachments/20160216/09af5f0b/attachment.html>
More information about the redback-nsp
mailing list