natlog
Source-natting firewall logging utility
Install
- All systems
-
curl cmd.cat/natlog.sh
- Debian
-
apt-get install natlog - Ubuntu
-
apt-get install natlog - Kali Linux
-
apt-get install natlog - Windows (WSL2)
-
sudo apt-get updatesudo apt-get install natlog - Raspbian
-
apt-get install natlog - Dockerfile
- dockerfile.run/natlog
natlog
Source-natting firewall logging utility
Firewalls like iptables usually offer POSTROUTING source network address translation facilities changing the source address of a host behind the firewall to the address of the host before the firewall. The standard log facilities provided by iptables do not easily allow us to associate addresses behind the firewall to their source-natted equivalents before the firewall. Natlog was designed to fill in that particular niche. When running natlog, messages are sent to the syslog daemon and/or to the standard output stream showing the essential characteristics of the connection using source natting. Here is an example: from Fri 8 22:30:10:55588 until Fri 8 22:40:43:807100: 192.168.19.72:4467 (via: 129.125.90.132:4467) to 200.49.219.180:443 Natlog depends on facilities provided by iptables; work is in progress to generate logs using facilities offered by the pcap library.