{"id":6106,"date":"2023-03-13T09:05:58","date_gmt":"2023-03-13T07:05:58","guid":{"rendered":"https:\/\/skeletor.org.ua\/?p=6106"},"modified":"2025-05-20T13:39:15","modified_gmt":"2025-05-20T10:39:15","slug":"natlog-sessions","status":"publish","type":"post","link":"https:\/\/skeletor.org.ua\/?p=6106","title":{"rendered":"[NAT] Log sessions"},"content":{"rendered":"\n<p>\u0412 \u0434\u0430\u043d\u043d\u0456\u0439 \u0441\u0442\u0430\u0442\u0442\u0456 \u0440\u043e\u0437\u0433\u043b\u044f\u043d\u0435\u043c\u043e, \u044f\u043a \u043c\u043e\u0436\u043d\u0430 \u043b\u043e\u0433\u0443\u0432\u0430\u0442\u0438 \u0441\u0435\u0441\u0456\u0457 <strong>NAT <\/strong>\u0432 \u0440\u0456\u0437\u043d\u0438\u0445 \u0444\u0430\u0439\u0435\u0440\u0432\u043e\u043b\u0430\u0445.<\/p>\n\n\n\n<p><strong><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-blue-color\">iptables<\/mark><\/strong><\/p>\n\n\n\n<p>\u0422\u0443\u0442 \u0454 \u0434\u0435\u043a\u0456\u043b\u044c\u043a\u0430 \u0432\u0430\u0440\u0456\u0430\u043d\u0442\u0456\u0432, \u043f\u043e\u0447\u043d\u0435\u043c\u043e \u0437 \u043d\u0430\u0439\u043d\u0430\u0434\u0456\u0439\u043d\u0456\u0448\u043e\u0433\u043e:<\/p>\n\n\n\n<p><code>conntrack -E --event-mask NEW --any-nat &gt;&gt; \/var\/log\/nat_log<\/code><\/p>\n\n\n\n<p>\u0404 \u0449\u0435 \u043a\u043b\u0430\u0441\u0438\u0447\u043d\u0438\u0439 \u0432\u0430\u0440\u0456\u0430\u043d\u0442<\/p>\n\n\n\n<p><code>iptables -t nat -I PREROUTING 1 -j LOG<br>iptables -t nat -I POSTROUTING 1 -j LOG<br>iptables -t nat -I OUTPUT 1 -j LOG<\/code><\/p>\n\n\n\n<p>\u0430\u043b\u0435, \u044f\u043a \u043f\u0438\u0448\u0443\u0442\u044c \u0443 \u043c\u0435\u0440\u0435\u0436\u0456, \u0447\u0430\u0441\u0442\u0438\u043d\u0430 \u043f\u0430\u043a\u0435\u0442\u0456\u0432 \u043c\u043e\u0436\u0435 \u043d\u0435 \u043f\u043e\u043f\u0430\u0434\u0430\u0442\u0438 \u0432 \u043b\u043e\u0433, \u044f\u043a\u0449\u043e \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u0432\u0430\u0442\u0438 \u043c\u0430\u0440\u043a\u0443\u0432\u0430\u043d\u043d\u044f \u0430\u0431\u043e \u0434\u043e\u0434\u0430\u0442\u043a\u043e\u0432\u0443 \u043e\u0431\u0440\u043e\u0431\u043a\u0443.<\/p>\n\n\n\n<p><strong><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-blue-color\">pf<\/mark><\/strong><\/p>\n\n\n\n<p>\u0404 \u0437\u0430\u0441\u0442\u0430\u0440\u0456\u043b\u0438\u0439 <a rel=\"noreferrer noopener\" href=\"https:\/\/github.com\/italovalcy\/pfnattrack\" target=\"_blank\">\u043f\u0440\u043e\u0435\u043a\u0442 <\/a>, \u044f\u043a\u0438\u0439 \u043f\u0440\u0430\u0446\u044e\u0454 \u0432\u0438\u043a\u043b\u044e\u0447\u043d\u043e \u043d\u0430 <strong>BSD<\/strong>-\u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 (\u043d\u0430 <strong>Solaris <\/strong>&#8211; \u043d\u0456)<\/p>\n\n\n\n<p><strong><mark style=\"background-color:rgba(0, 0, 0, 0)\" class=\"has-inline-color has-blue-color\">ipfw<\/mark><\/strong><\/p>\n\n\n\n<p>\u0422\u0443\u0442 \u043c\u0435\u043d\u0456 \u043d\u0435 \u0432\u0434\u0430\u043b\u043e\u0441\u044f \u043d\u0456\u0447\u043e\u0433\u043e \u0437\u043d\u0430\u0439\u0442\u0438.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u0412 \u0434\u0430\u043d\u043d\u0456\u0439 \u0441\u0442\u0430\u0442\u0442\u0456 \u0440\u043e\u0437\u0433\u043b\u044f\u043d\u0435\u043c\u043e, \u044f\u043a \u043c\u043e\u0436\u043d\u0430 \u043b\u043e\u0433\u0443\u0432\u0430\u0442\u0438 \u0441\u0435\u0441\u0456\u0457 NAT \u0432 \u0440\u0456\u0437\u043d\u0438\u0445 \u0444\u0430\u0439\u0435\u0440\u0432\u043e\u043b\u0430\u0445. iptables \u0422\u0443\u0442 \u0454 \u0434\u0435\u043a\u0456\u043b\u044c\u043a\u0430 \u0432\u0430\u0440\u0456\u0430\u043d\u0442\u0456\u0432, \u043f\u043e\u0447\u043d\u0435\u043c\u043e \u0437 \u043d\u0430\u0439\u043d\u0430\u0434\u0456\u0439\u043d\u0456\u0448\u043e\u0433\u043e: conntrack -E &#8211;event-mask NEW &#8211;any-nat &gt;&gt; \/var\/log\/nat_log \u0404 \u0449\u0435 \u043a\u043b\u0430\u0441\u0438\u0447\u043d\u0438\u0439 \u0432\u0430\u0440\u0456\u0430\u043d\u0442 iptables -t nat -I PREROUTING 1 -j LOGiptables -t nat -I POSTROUTING 1 -j LOGiptables -t nat -I OUTPUT 1 -j LOG \u0430\u043b\u0435, \u044f\u043a [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,5,10,25,12,24],"tags":[],"class_list":["post-6106","post","type-post","status-publish","format-standard","hentry","category-freebsd","category-linux","category-others","category-openbsd","category-routers","category-solaris"],"_links":{"self":[{"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=\/wp\/v2\/posts\/6106","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6106"}],"version-history":[{"count":2,"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=\/wp\/v2\/posts\/6106\/revisions"}],"predecessor-version":[{"id":6110,"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=\/wp\/v2\/posts\/6106\/revisions\/6110"}],"wp:attachment":[{"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6106"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6106"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/skeletor.org.ua\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6106"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}