I need to specify the source-ip for syslog messages, without having ip firewall connection tracking enabled.
I use “loopback” IPs for the routers in an OSPF network, and the messages should always come from the same address.
Christian
You can still use firewall filter rules; you just can’t rely on any connection state. UDP is stateless anyhow.
/ip firewall nat
chain=srcnat action=src-nat to-addresses=10.0.8.1 to-ports=0-65535 dst-address=10.10.10.65
src-address-type=local dst-port=514 protocol=udp
Works with connection tracking enabled, but not with tracking disabled.
Ah, I thought you meant firewall source IP, not natting. Natting doesn’t work without conn-track. If you enter a route for the destination syslog server and give it a preferred source, is it used? I know that in 3.x preferred source doesn’t always work as expected.
That’s why I want to specify a source-ip for syslog messages.
Seems to work, but this is not practicable. A router has at least 2 uplinks, and it is possible that the next hop is reachable but the syslog-server is not.
Christian