  • Hello guys, I'm kinda new to pfSense. I'm currently logging NAT translations and the log is too long, with too much info that I don't need. Is there any way I can define how much and what info I want it to log, like for example timestamp, internal IP, port, external IP?


    Me too, I'm new to pfSense. I'm trying to find out how to log NAT translations; can you please explain how you log NAT?


  • I was thinking it would be good if there were some sort of API/Plugin that would pass log info to a script for processing.

    For example, I've got a VoIP device that generates a ton of traffic, so much that I have to turn logging off so I don't fill the logs with it. If I could filter that traffic and get rid of the meaningless entries... maybe log a few things for historical purposes, and alert on errors, it would be VERY helpful.

  • Hello guys, sorry it took so long for me to respond. I hope I can still help someone by writing it down now. So this is how I did it. I created some firewall rules to allow the connections I wanted to pass, and doing so logged DHCP requests and leases with the timestamps. For questions of readability and/or time-saving issues, I forwarded these logs to a remote server using rsyslog; you can do this by enabling remote logging on pfSense. On the rsyslog machine I configured Graylog to get inputs from rsyslog and pfSense extractors with regex, to filter out the information I really wanted without the overhead of information, then correlating information, and I got what I wanted.

    NOTE: This is the way I did it. I'm still a noob, so maybe there are some new ways or other ways to do this faster/better.
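
Added example, not part of the original thread and not the poster's Graylog configuration: a Python sketch of the kind of reduction discussed above, turning forwarded pfSense firewall log lines into just timestamp, source IP/port and destination IP/port, with an option to drop a noisy source. It assumes BSD-style syslog timestamps and the comma-separated `filterlog` layout for TCP/UDP entries; the function names and the sample lines are constructed for illustration.

```python
import csv
import re

# BSD-syslog prefix as forwarded by pfSense: "Mon DD HH:MM:SS host filterlog[pid]: <csv>"
PREFIX = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s+\S+\s+filterlog(?:\[\d+\])?:\s+(?P<csv>.*)$")

# Column of the source address per IP version (assumed filterlog CSV layout);
# destination address, source port and destination port follow it.
SRC_COL = {"4": 18, "6": 15}
PROTO_COL = {"4": 16, "6": 12}

def reduce_line(line):
    """Return only the wanted fields, or None for lines that should be discarded."""
    m = PREFIX.match(line.strip())
    if not m:
        return None                          # not a filterlog entry
    f = next(csv.reader([m.group("csv")]))
    ver = f[8] if len(f) > 8 else None
    if ver not in SRC_COL:
        return None
    src = SRC_COL[ver]
    if len(f) < src + 4 or f[PROTO_COL[ver]].lower() not in ("tcp", "udp"):
        return None                          # truncated, or no port columns (ICMP etc.)
    try:
        sport, dport = int(f[src + 2]), int(f[src + 3])
    except ValueError:
        return None
    return {"timestamp": m.group("ts"), "action": f[6], "proto": f[PROTO_COL[ver]].lower(),
            "src_ip": f[src], "src_port": sport, "dst_ip": f[src + 1], "dst_port": dport}

def reduce_log(lines, drop_src=()):
    """Reduce a stream of lines, skipping noisy sources such as a chatty VoIP device."""
    rows = (reduce_line(l) for l in lines)
    return [r for r in rows if r and r["src_ip"] not in drop_src]

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE_LINES = [
    "Feb 10 12:34:56 pfsense filterlog[1234]: 5,,,1000000103,igb1,match,pass,in,4,0x0,,64,12345,0,DF,6,tcp,60,192.168.1.10,203.0.113.5,51234,443,0,S,123456789,,64240,,mss",
    "Feb 10 12:34:57 pfsense filterlog[1234]: 5,,,1000000103,igb1,match,pass,in,4,0x0,,64,222,0,none,1,icmp,84,192.168.1.10,203.0.113.5,request,1,1",
    "Feb 10 12:34:58 pfsense filterlog[1234]: 7,,,1000000104,igb1,match,pass,in,4,0x0,,64,333,0,none,17,udp,200,192.168.1.20,198.51.100.7,5060,5060,180",
    "Feb 10 12:35:00 pfsense dhcpd[99]: DHCPACK on 192.168.1.10",
]

if __name__ == "__main__":
    for row in reduce_log(SAMPLE_LINES, drop_src={"192.168.1.20"}):
        print(row)
```

The same column positions can be used to write the regex extractors on the log server; entries without port columns, such as ICMP, are dropped here and would need their own handling.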

