[Dovecot] Log NAT IP address?
Jack Bates
jbates at brightok.net
Mon Oct 1 15:23:38 EEST 2012
On 10/1/2012 2:58 AM, David Ledger wrote:
> At 09:33 -0500 30/9/12, Jack Bates wrote:
>> On 9/30/2012 8:02 AM, Charles Marcus wrote:
>>> Hi Timo/everyone,
>>>
>>> Currently we are logging the remote IP, but is there a way to show
>>> the IP address that the NAT connection is coming from?
>>>
>>> The reason I ask is, we are changing ISPs, and I would like to see
>>> in the logs when an external connection is coming from our OLD ISP
>>> connection, and when it is coming through our new one.
>>>
>>> We have a Watchguard firewall, and I have both External connections
>>> setup and working, and have just pointed our DNS records to the new
>>> public IP, and would like to be able to see which WAN connection/IP
>>> they are coming from.
>>
>> You could bind 2 internal IP Addresses to the server and have each
>> NAT translation go to a different internal IP.
>>
>> Jack
>
> From my remembrances of the packet layout there is nowhere in the
> packet for the pre-NAT address to live. The only place the mapping is
> stored is in the internal tables of the NAT router which has to know
> where to send the reply packets.
>
> David
>
>
Public IP1 -> 192.168.0.33
Public IP2 -> 192.168.0.34
Now we just track the internal address in our logs, since each public IP
is mapped to a different internal IP.
Jack
More information about the dovecot
mailing list