diff options
| -rw-r--r-- | interface-definitions/nat.xml.in | 1 | ||||
| -rw-r--r-- | op-mode-definitions/show-log.xml.in | 50 | ||||
| -rw-r--r-- | python/vyos/nat.py | 6 |
3 files changed, 51 insertions, 6 deletions
diff --git a/interface-definitions/nat.xml.in b/interface-definitions/nat.xml.in index 0a639bd80..73a748137 100644 --- a/interface-definitions/nat.xml.in +++ b/interface-definitions/nat.xml.in @@ -141,6 +141,7 @@ </children> </node> #include <include/inbound-interface.xml.i> + #include <include/firewall/log.xml.i> <node name="translation"> <properties> <help>Translation address or prefix</help> diff --git a/op-mode-definitions/show-log.xml.in b/op-mode-definitions/show-log.xml.in index e13270364..c3aa324ba 100644 --- a/op-mode-definitions/show-log.xml.in +++ b/op-mode-definitions/show-log.xml.in @@ -464,12 +464,56 @@ </properties> <command>journalctl --no-hostname --boot --unit lldpd.service</command> </leafNode> - <leafNode name="nat"> + <node name="nat"> <properties> <help>Show log for Network Address Translation (NAT)</help> </properties> - <command>egrep -i "kernel:.*\[NAT-[A-Z]{3,}-[0-9]+(-MASQ)?\]" $(find /var/log -maxdepth 1 -type f -name messages\* | sort -t. -k2nr)</command> - </leafNode> + <children> + <node name="destination"> + <properties> + <help>Show NAT destination log</help> + </properties> + <command>journalctl --no-hostname --boot -k | egrep "\[DST-NAT-[0-9]+\]"</command> + <children> + <tagNode name="rule"> + <properties> + <help>Show NAT destination log for specified rule</help> + </properties> + <command>journalctl --no-hostname --boot -k | egrep "\[DST-NAT-$6\]"</command> + </tagNode> + </children> + </node> + <node name="source"> + <properties> + <help>Show NAT source log</help> + </properties> + <command>journalctl --no-hostname --boot -k | egrep "\[SRC-NAT-[0-9]+(-MASQ)?\]"""</command> + <children> + <tagNode name="rule"> + <properties> + <help>Show NAT source log for specified rule</help> + </properties> + <command>journalctl --no-hostname --boot -k | egrep "\[SRC-NAT-$6(-MASQ)?\]"</command> + </tagNode> + </children> + </node> + <node name="static"> + <properties> + <help>Show NAT static log</help> + </properties> + <command>journalctl --no-hostname --boot -k | egrep "\[STATIC-(SRC|DST)-NAT-[0-9]+\]"</command> + <children> + <tagNode name="rule"> + <properties> + <help>Show NAT static log for specified rule</help> + </properties> + <command>journalctl --no-hostname --boot -k | egrep "\[STATIC-(SRC|DST)-NAT-$6\]"</command> + </tagNode> + </children> + </node> + </children> + <command>journalctl --no-hostname --boot -k | egrep "\[(STATIC-)?(DST|SRC)-NAT-[0-9]+(-MASQ)?\]"</command> + </node> <leafNode name="ndp-proxy"> <properties> <help>Show log for Neighbor Discovery Protocol (NDP) Proxy</help> diff --git a/python/vyos/nat.py b/python/vyos/nat.py index 2ada29add..e54548788 100644 --- a/python/vyos/nat.py +++ b/python/vyos/nat.py @@ -300,12 +300,12 @@ def parse_nat_static_rule(rule_conf, rule_id, nat_type): output.append('counter') - if translation_str: - output.append(translation_str) - if 'log' in rule_conf: output.append(f'log prefix "[{log_prefix}{log_suffix}]"') + if translation_str: + output.append(translation_str) + output.append(f'comment "{log_prefix}"') return " ".join(output) |