I am working with Splunk to setup log for everything I need.
If you for some reason uses the uPnP, an App will open a port in your firewall.
I can not see anyway to log these rules.
A normal NAT rule, you can go to Action and select Log and add a Log prefix.
Since these rules are not static, it have to be in some other ways.
Maybe it can be done use a script?
If there are no way to do it, I du suggest that MikroTik update
/ip upnp
and add possibility to turn on log on dynamic rules there.
Than all new dynamic rules will start logging.
-
-
CZFan
Forum Guru
- Posts: 2098
- Joined:
- Location: South Africa, Krugersdorp (Home town of Brad Binder)
- Contact:
Re: Is there a way to log dynamic Nat rules (uPnP)
Have you tried enabling upnp in /system logging?
Re: Is there a way to log dynamic Nat rules (uPnP)
Yes, I have done.
If you look here: viewtopic.php?f=2&t=137338
you see that I have a view that shows what client who create an uPnP opening in the NAT table of the RouterOS
But this does not log what going through the rule. When turn on logging in the firewall/nat
you will see to what outside IP connecting to the inside IP.
If you look here: viewtopic.php?f=2&t=137338
you see that I have a view that shows what client who create an uPnP opening in the NAT table of the RouterOS
But this does not log what going through the rule. When turn on logging in the firewall/nat
you will see to what outside IP connecting to the inside IP.