Configuring NAT444 user logging
NAT444 user logs are used for user tracing. The NAT444 gateway generates a user log whenever it assigns or withdraws a port block. The log includes the private IP address, public IP address, and port block. You can use the public IP address and port numbers to locate the user's private IP address from the user logs.
A NAT444 gateway generates NAT user logs when one of the following events occurs:
A port block is assigned.
For NAT444 with static mappings, the NAT444 gateway generates a user log when it translates the first connection from a private IP address.
For NAT444 with dynamic mappings, the NAT444 gateway generates a user log when it assigns or extends a port block for a private IP address.
A port block is withdrawn.
For NAT444 with static mappings, the NAT444 gateway generates a user log when all connections from a private IP address are disconnected.
For NAT444 with dynamic mappings, the NAT444 gateway generates a user log when all the following conditions are met:
All connections from a private IP address are disconnected.
The port blocks (including the extended ones) assigned to the private IP address are withdrawn.
The corresponding mapping entry is deleted.
Before configuring NAT444 user logging, you must configure the custom NAT444 log generation and outputting features. For more information, see Network Management and Monitoring Configuration Guide.
To configure NAT444 user logging:
Step | Command | Remarks | |
---|---|---|---|
1. Enter system view. | system-view | N/A | |
2. Enable NAT logging. | nat log enable [ acl { ipv4-acl-number | name ipv4-acl-name } ] | By default, NAT logging is disabled. The acl keyword does not take effect on NAT444 user logging. | |
3. Enable NAT444 user logging. |
| By default, NAT444 user logging is disabled. You can enable logging for both port block assignment and withdrawal. |