[Dovecot] Log NAT IP address?

David Ledger david.ledger at ivdcs.co.uk
Mon Oct 1 10:58:30 EEST 2012


At 09:33 -0500 30/9/12, Jack Bates wrote:
>On 9/30/2012 8:02 AM, Charles Marcus wrote:
>>  Hi Timo/everyone,
>>
>>  Currently we are logging the remote IP, but is there a way to show 
>>the IP address that the NAT connection is coming from?
>>
>>  The reason I ask is, we are changing ISPs, and I would like to see 
>>in the logs when an external connection is coming from our OLD ISP 
>>connection, and when it is coming through our new one.
>>
>>  We have a Watchguard firewall, and I have both External 
>>connections setup and working, and have just pointed our DNS 
>>records to the new public IP, and would like to be able to see 
>>which WAN connection/IP they are coming from.
>
>You could bind 2 internal IP Addresses to the server and have each 
>NAT translation go to a different internal IP.
>
>Jack

 From my remembrances of the packet layout there is nowhere in the 
packet for the pre-NAT address to live. The only place the mapping is 
stored is in the internal tables of the NAT router which has to know 
where to send the reply packets.

David


-- 
David Ledger - Freelance Unix Sysadmin in the UK.
david.ledger at ivdcs.co.uk
www.ivdcs.co.uk



More information about the dovecot mailing list