aabc
commented
3 years ago This is consequence of what information is available at the time of reporting a flow (in the iptables target).
Open gnought opened 3 years ago
aabc
commented
3 years ago This is consequence of what information is available at the time of reporting a flow (in the iptables target).
Adding netflow capture on PREROUTING and POSTROUTING chains, I found that the netflow v9 flow record does not contain
postNATfields. They are only in NAT events.Is it by design? Can those fields be added to get pre-snat and post-dnat information in flow records?