1) edit /etc/pf.conf, then run #pfctl -f /etc/pf.conf. Of course you also have to determine $ and <> variables first.
# Ignore IGMP log
# You can add this line if many IGMP packets bothering you.
pass in on $int_if proto igmp all allow-opts
# Port mapping
pass in log on $ext_if proto tcp from <access_list> to $ext_ip port 22 rdr-to $inside_server_ip port 22
2) view pf log as follows.
# tcpdump -n -e -ttt -r /var/log/pflog
No comments:
Post a Comment