Hello, I've been using pflow in a non-NAT environment (btw, thanks for both the pf support and the "other" OS softflowd), but now I'd like to use it in a NAT configuration.
Is there a particular way pflow needs to be configured to see which of the NAT'ed hosts are talking to which external address? (The way I've configured it[*] it appears that I only see external flows post-NAT.)

I see a similar question has been asked before, by Chris Cappuccio on tech@, but I didn't see any answers, so I'm braving a question here.

Tor

[*] Which has a good chance of being wrong. On 5.2 on an old G4:

ext_if="vlan100"
int_if="vlan200"
dmz_if="vlan300"
svc_if="vlan600"

.. <block rules here> ..

pass out on $ext_if from any to any nat-to ($ext_if) keep state (pflow)
pass out on $svc_if keep state (pflow)
pass out on $dmz_if keep state (pflow)
pass out on $int_if keep state (pflow)

# do i need to add (pflow) to these too, perhaps?
pass in on $int_if keep state
pass in on $dmz_if keep state
pass in on $svc_if keep state