Remote syslog support
-
Hello, is the current TNSR release supporting the configuration of a remote syslog server?
And then the logging of the Deterministic NAT session mapping?
(these are the most important parts required for CGNAT deployment in a small ISP, which I am evaluating)If not, do you have an ETA/Roadmap for it?
thanks!
-
i'm still reading the manual, for the moment i found the restconf API to be interesting
https://docs.netgate.com/tnsr/en/latest/monitoring/index.html
you can configure snmp
i see no info for rsyslog[root@tnsr etc]# curl --request GET \ > --url http://192.168.10.2/restconf/data/netgate-nat:nat-state { "netgate-nat:nat-state": { "parameters": { "translation-buckets": 1024, "translation-memory-size": 134217728, "deterministic": false, "user-buckets": 128, "user-memory-size": 67108864, "max-translations-per-user": 10240, "outside-route-table-name": "ipv4-VRF:0", "inside-route-table-name": "ipv4-VRF:0", "static-mapping-only": false, "forwarding-enabled": true, "timeout-udp": 300, "timeout-tcp_established": 7440, "timeout-tcp_transitory": 240, "timeout-icmp": 60 }, "deterministic": {}, "static": {}, "dynamic": { "pool-table": { "pool-entry": [ { "address": "192.168.150.2" } ] }, "pool-if-table": { "if-entry": [ { "if-name": "WAN" } ] } }, "interface-sides": { "interface-side": [ { "if-name": "LAN", "side": "inside" }, { "if-name": "WAN", "side": "outside" } ] }, "nat64": { "netgate-map:map": { "parameters": { "fragment": { "inner": false, "ignore-df": false }, "icmp": { "source-address": "0.0.0.0" }, "icmp6": { "unreachables": false }, "pre-resolve": { "ipv4": { "next-hop": "0.0.0.0" }, "ipv6": { "next-hop": "::" } }, "security-check": { "enable": true, "fragments": false }, "traffic-class": { "copy": true, "tc": 0 } }, "map-domains": {} } }, "users": { "user": [ { "route-table": "ipv4-VRF:0", "ip-address": "172.16.1.101", "dynamic-number": 4, "static-number": 0, "session": [ { "index": 0, "outside-ip-address": "192.168.150.2", "outside-port": 33781, "inside-ip-address": "172.16.1.101", "inside-port": 59339, "protocol": "udp", "static": false, "last-heard": 36189, "total-bytes": 166, "total-packets": 2, "twice-nat": false, "ext-host-valid": true, "ext-host-address": "91.189.89.198", "ext-host-port": 123, "ext-host-nat-address": "0.0.0.0", "ext-host-nat-port": 0 }, { "index": 1, "outside-ip-address": "192.168.150.2", "outside-port": 52422, "inside-ip-address": "172.16.1.101", "inside-port": 36013, "protocol": "udp", "static": false, "last-heard": 40285, "total-bytes": 166, "total-packets": 2, "twice-nat": false, "ext-host-valid": true, "ext-host-address": "91.189.89.198", "ext-host-port": 123, "ext-host-nat-address": "0.0.0.0", "ext-host-nat-port": 0 }, { "index": 2, "outside-ip-address": "192.168.150.2", "outside-port": 48605, "inside-ip-address": "172.16.1.101", "inside-port": 50078, "protocol": "udp", "static": false, "last-heard": 42334, "total-bytes": 166, "total-packets": 2, "twice-nat": false, "ext-host-valid": true, "ext-host-address": "91.189.89.198", "ext-host-port": 123, "ext-host-nat-address": "0.0.0.0", "ext-host-nat-port": 0 }, { "index": 3, "outside-ip-address": "192.168.150.2", "outside-port": 38556, "inside-ip-address": "172.16.1.101", "inside-port": 58574, "protocol": "udp", "static": false, "last-heard": 38237, "total-bytes": 166, "total-packets": 2, "twice-nat": false, "ext-host-valid": true, "ext-host-address": "91.189.89.198", "ext-host-port": 123, "ext-host-nat-address": "0.0.0.0", "ext-host-nat-port": 0 } ] }, { "route-table": "ipv4-VRF:0", "ip-address": "192.168.150.2", "dynamic-number": 3, "static-number": 0, "session": [ { "index": 4, "outside-ip-address": "192.168.150.2", "outside-port": 55184, "inside-ip-address": "192.168.150.2", "inside-port": 55184, "protocol": "udp", "static": false, "last-heard": 43377, "total-bytes": 0, "total-packets": 1, "twice-nat": false, "ext-host-valid": true, "ext-host-address": "8.8.4.4", "ext-host-port": 53, "ext-host-nat-address": "0.0.0.0", "ext-host-nat-port": 0 }, { "index": 5, "outside-ip-address": "192.168.150.2", "outside-port": 21204, "inside-ip-address": "192.168.150.2", "inside-port": 21204, "protocol": "icmp", "static": false, "last-heard": 41811, "total-bytes": 0, "total-packets": 3, "twice-nat": false, "ext-host-valid": true, "ext-host-address": "8.8.8.8", "ext-host-port": 0, "ext-host-nat-address": "0.0.0.0", "ext-host-nat-port": 0 }, { "index": 6, "outside-ip-address": "192.168.150.2", "outside-port": 34787, "inside-ip-address": "192.168.150.2", "inside-port": 34787, "protocol": "udp", "static": false, "last-heard": 39776, "total-bytes": 0, "total-packets": 1, "twice-nat": false, "ext-host-valid": true, "ext-host-address": "8.8.4.4", "ext-host-port": 53, "ext-host-nat-address": "0.0.0.0", "ext-host-nat-port": 0 } ] } ] } } } -
The upcoming 20.10 release has IPFIX NAT logging which will fill that need for most situations.
