Thank you!! I would appreciate some help interpreting my results as I don't really understand them!! It looks to me like it should be working but I'm not really sure what some of the results mean. (seems some of the characters interpret as smileys when posted....sorry)
I ran nmap with the option nmap -p 44818 x.x.x.146 from my office at x.x.x.34
show security flow session source-prefix x.x.x.34 destination-port 44818
Session ID: 106864, Policy name: PLC_In/14, Timeout: 20, Valid
In: x.x.x.34/55753 --> x.x.x.146/44818;tcp, If: fe-0/0/7.0, Pkts: 1, Bytes: 44
Out: 192.168.168.2/44818 --> x.x.x.34/55753;tcp, If: vlan.0, Pkts: 0, Bytes: 0
Session ID: 107321, Policy name: PLC_In/14, Timeout: 20, Valid
In: x.x.x.34/6144 --> x.x.x.146/44818;tcp, If: fe-0/0/7.0, Pkts: 1, Bytes: 44
Out: 192.168.168.2/44818 --> x.x.x.34/6144;tcp, If: vlan.0, Pkts: 0, Bytes: 0
Total sessions: 2
Here is my show security flow
traceoptions {
file flow-trace;
flag basic-datapath;
packet-filter web_to_trust {
source-prefix x.x.x.34/32;
destination-port 44818;
}
}
tcp-mss {
ipsec-vpn {
mss 1350;
}
}
and the show log flow-trace
Oct 26 12:09:08 DBTS clear-log[38917]: logfile cleared
Oct 26 12:09:19 12:09:19.287796:CID-0:RT:ASL nat rule lookup: src_ip: 192.168.168.103
Oct 26 12:09:19 12:09:19.287796:CID-0:RT:ASL nat rule lookup: dst_ip: 192.168.117.179 port:0
Oct 26 12:09:19 12:09:19.287796:CID-0:RT:ASL nat rule lookup: lsys:0, ifp: vlan.0->st0.1
Oct 26 12:09:19 12:09:19.287796:CID-0:RT:ASL nat rule lookup: src_ip: 192.168.117.179
Oct 26 12:09:19 12:09:19.287796:CID-0:RT:ASL nat rule lookup: dst_ip: 192.168.117.179 port:0
Oct 26 12:09:19 12:09:19.287796:CID-0:RT:ASL nat rule lookup: lsys:0, ifp: st0.1->st0.1
Oct 26 12:09:19 12:09:19.663197:CID-0:RT:ASL nat rule lookup: src_ip: 192.168.168.103
Oct 26 12:09:19 12:09:19.663197:CID-0:RT:ASL nat rule lookup: dst_ip: 192.168.168.103 port:0
Oct 26 12:09:19 12:09:19.663197:CID-0:RT:ASL nat rule lookup: lsys:0, ifp: vlan.0->vlan.0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:<x.x.x.34/54125->x.x.x.146/44818;6> matched filter web_to_trust:
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:packet [44] ipid = 20315, @0x43666e24
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:---- flow_process_pkt: (thd 1): flow_ctxt type 15, common flag 0x0, mbuf 0x43666c00, rtbl_idx = 0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: flow process pak fast ifl 81 in_ifp fe-0/0/7.0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: fe-0/0/7.0:x.x.x.34/54125->x.x.x.146/44818, tcp, flag 2 syn
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: find flow: table 0x59263e58, hash 42337(0xffff), sa x.x.x.34, da x.x.x.146, sp 54125, dp 44818, proto 6, tok 6
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: no session found, start first path. in_tunnel - 0x0, from_cp_flag - 0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:check self-traffic on fe-0/0/7.0, in_tunnel 0x0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:retcode: 0x1
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:pak_for_self : proto 6, dst port 44818, action 0x0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: flow_first_create_session
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: flow_first_in_dst_nat: in <fe-0/0/7.0>, out <N/A> dst_adr x.x.x.146, sp 54125, dp 44818
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: chose interface fe-0/0/7.0 as incoming nat if.
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:flow_first_rule_dst_xlate: DST xlate: x.x.x.146(44818) to 192.168.168.2(44818), rule/pool id 1/1.
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:flow_first_routing: vr_id 0, call flow_route_lookup(): src_ip x.x.x.34, x_dst_ip 192.168.168.2, in ifp fe-0/0/7.0, out ifp N/A sp 54125, dp 44818, ip_proto 6, tos 0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:Doing DESTINATION addr route-lookup
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: routed (x_dst_ip 192.168.168.2) from Internet (fe-0/0/7.0 in 0) to vlan.0, Next-hop: 192.168.168.2
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:flow_first_policy_search: policy search from zone Internet-> zone Internal (0x110,0xd36daf12,0xaf12)
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:Policy lkup: vsys 0 zone(6:Internet) -> zone(8:Internal) scope:0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: x.x.x.34/54125 -> 192.168.168.2/44818 proto 6
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: app 0, timeout 1800s, curr ageout 20s
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: permitted by policy PLC_In(14)
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: packet passed, Permitted by policy.
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:flow_first_src_xlate: nat_src_xlated: False, nat_src_xlate_failed: False
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:flow_first_src_xlate: src nat returns status: 0, rule/pool id: 0/0, pst_nat: False.
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: dip id = 0/0, x.x.x.34/54125->x.x.x.34/54125 protocol 0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: choose interface vlan.0 as outgoing phy if
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:is_loop_pak: No loop: on ifp: vlan.0, addr: 192.168.168.2, rtt_idx:0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf : Alloc sess plugin info for session 141734030694
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:[JSF]Normal interest check. regd plugins 19, enabled impl mask 0x0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 2, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 3, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 5, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 6, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 7, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 8, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 12, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 15, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:+++++++++++jsf_test_plugin_data_evh: 3
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 16, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 22, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 23, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 26, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 27, svc_req 0x0, impl mask 0x0. rc 2
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf int check: plugin id 28, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:[JSF]Plugins(0x0, count 0) enabled for session = 140064100, impli mask(0x21), post_nat cnt 109926 svc req(0x0)
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:-jsf : no plugin interested for session 141734030694, free sess plugin info
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:flow_first_service_lookup(): natp(0x600472f8): app_id, 0(0).
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: service lookup identified service 0.
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: flow_first_final_check: in <fe-0/0/7.0>, out <vlan.0>
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:flow_first_final_check: flow_set_xlate_vector.
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:flow_first_complete_session, pak_ptr: 0x592e5090, nsp: 0x600472f8, in_tunnel: 0x0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:construct v4 vector for nsp2
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: existing vector list 0x1002-0x51267b10.
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: Session (id:109926) created for first pak 1002
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: flow_first_install_session======> 0x600472f8
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: nsp 0x600472f8, nsp2 0x60047378
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: make_nsp_ready_no_resolve()
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: route lookup: dest-ip x.x.x.34 orig ifp fe-0/0/7.0 output_ifp fe-0/0/7.0 orig-zone 6 out-zone 6 vsd 0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: route to x.x.x.129
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:no need update ha
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:Installing c2s NP session wing
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:Installing s2c NP session wing
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: flow got session.
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: flow session id 109926
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: vector bits 0x1002 vector 0x51267b10
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: tcp 3way refresh, is_half_open:0, is_fwauth:0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: tcp flags 0x2, flag 0x2
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: Got syn, x.x.x.34(54125)->x.x.x.146(44818), nspflag 0x1021, 0x20
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:flow_xlate_pak
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: post addr xlation: x.x.x.34->192.168.168.2.
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: post addr xlation: x.x.x.34->192.168.168.2.
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:skip pre-frag: is_tunnel_if- 0, is_if_mtu_configured- 0
Oct 26 12:09:22 12:09:21.998885:CID-0:RT:mbuf 0x43666c00, exit nh 0x180010
Oct 26 12:09:22 12:09:21.998885:CID-0:RT: ----- flow_process_pkt rc 0x0 (fp rc 0)
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:<x.x.x.34/54624->x.x.x.146/44818;6> matched filter web_to_trust:
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:packet [44] ipid = 45455, @0x436346a4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:---- flow_process_pkt: (thd 1): flow_ctxt type 15, common flag 0x0, mbuf 0x43634480, rtbl_idx = 0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: flow process pak fast ifl 81 in_ifp fe-0/0/7.0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: fe-0/0/7.0:x.x.x.34/54624->x.x.x.146/44818, tcp, flag 2 syn
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: find flow: table 0x59263e58, hash 16083(0xffff), sa x.x.x.34, da x.x.x.146, sp 54624, dp 44818, proto 6, tok 6
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: no session found, start first path. in_tunnel - 0x0, from_cp_flag - 0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:check self-traffic on fe-0/0/7.0, in_tunnel 0x0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:retcode: 0x1
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:pak_for_self : proto 6, dst port 44818, action 0x0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: flow_first_create_session
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: flow_first_in_dst_nat: in <fe-0/0/7.0>, out <N/A> dst_adr x.x.x.146, sp 54624, dp 44818
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: chose interface fe-0/0/7.0 as incoming nat if.
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:flow_first_rule_dst_xlate: DST xlate: x.x.x.146(44818) to 192.168.168.2(44818), rule/pool id 1/1.
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:flow_first_routing: vr_id 0, call flow_route_lookup(): src_ip x.x.x.34, x_dst_ip 192.168.168.2, in ifp fe-0/0/7.0, out ifp N/A sp 54624, dp 44818, ip_proto 6, tos 0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:Doing DESTINATION addr route-lookup
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: routed (x_dst_ip 192.168.168.2) from Internet (fe-0/0/7.0 in 0) to vlan.0, Next-hop: 192.168.168.2
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:flow_first_policy_search: policy search from zone Internet-> zone Internal (0x110,0xd560af12,0xaf12)
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:Policy lkup: vsys 0 zone(6:Internet) -> zone(8:Internal) scope:0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: x.x.x.34/54624 -> 192.168.168.2/44818 proto 6
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: app 0, timeout 1800s, curr ageout 20s
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: permitted by policy PLC_In(14)
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: packet passed, Permitted by policy.
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:flow_first_src_xlate: nat_src_xlated: False, nat_src_xlate_failed: False
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:flow_first_src_xlate: src nat returns status: 0, rule/pool id: 0/0, pst_nat: False.
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: dip id = 0/0, x.x.x.34/54624->x.x.x.34/54624 protocol 0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: choose interface vlan.0 as outgoing phy if
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:is_loop_pak: No loop: on ifp: vlan.0, addr: 192.168.168.2, rtt_idx:0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf : Alloc sess plugin info for session 141734029085
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:[JSF]Normal interest check. regd plugins 19, enabled impl mask 0x0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 2, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 3, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 5, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 6, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 7, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 8, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 12, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 15, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:+++++++++++jsf_test_plugin_data_evh: 3
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 16, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 22, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 23, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 26, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 27, svc_req 0x0, impl mask 0x0. rc 2
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf int check: plugin id 28, svc_req 0x0, impl mask 0x0. rc 4
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:[JSF]Plugins(0x0, count 0) enabled for session = 140064100, impli mask(0x21), post_nat cnt 108317 svc req(0x0)
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:-jsf : no plugin interested for session 141734029085, free sess plugin info
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:flow_first_service_lookup(): natp(0x5ff940f0): app_id, 0(0).
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: service lookup identified service 0.
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: flow_first_final_check: in <fe-0/0/7.0>, out <vlan.0>
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:flow_first_final_check: flow_set_xlate_vector.
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:flow_first_complete_session, pak_ptr: 0x592e5090, nsp: 0x5ff940f0, in_tunnel: 0x0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:construct v4 vector for nsp2
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: existing vector list 0x1002-0x51267b10.
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: Session (id:108317) created for first pak 1002
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: flow_first_install_session======> 0x5ff940f0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: nsp 0x5ff940f0, nsp2 0x5ff94170
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: make_nsp_ready_no_resolve()
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: route lookup: dest-ip x.x.x.34 orig ifp fe-0/0/7.0 output_ifp fe-0/0/7.0 orig-zone 6 out-zone 6 vsd 0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: route to x.x.x.129
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:no need update ha
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:Installing c2s NP session wing
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:Installing s2c NP session wing
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: flow got session.
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: flow session id 108317
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: vector bits 0x1002 vector 0x51267b10
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: tcp 3way refresh, is_half_open:0, is_fwauth:0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: tcp flags 0x2, flag 0x2
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: Got syn, x.x.x.34(54624)->x.x.x.146(44818), nspflag 0x1021, 0x20
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:flow_xlate_pak
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: post addr xlation: x.x.x.34->192.168.168.2.
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: post addr xlation: x.x.x.34->192.168.168.2.
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:skip pre-frag: is_tunnel_if- 0, is_if_mtu_configured- 0
Oct 26 12:09:22 12:09:22.271642:CID-0:RT:mbuf 0x43634480, exit nh 0x180010
Oct 26 12:09:22 12:09:22.271642:CID-0:RT: ----- flow_process_pkt rc 0x0 (fp rc 0)
Oct 26 12:09:25 12:09:25.757010:CID-0:RT:ASL nat rule lookup: src_ip: 192.168.168.115
Oct 26 12:09:25 12:09:25.757010:CID-0:RT:ASL nat rule lookup: dst_ip: 192.168.117.179 port:0
Oct 26 12:09:25 12:09:25.757010:CID-0:RT:ASL nat rule lookup: lsys:0, ifp: vlan.0->st0.1
Oct 26 12:09:25 12:09:25.757010:CID-0:RT:ASL nat rule lookup: src_ip: 192.168.117.179
Oct 26 12:09:25 12:09:25.757010:CID-0:RT:ASL nat rule lookup: dst_ip: 192.168.117.179 port:0
Oct 26 12:09:25 12:09:25.757010:CID-0:RT:ASL nat rule lookup: lsys:0, ifp: st0.1->st0.1
Oct 26 12:09:26 12:09:26.076707:CID-0:RT:ASL nat rule lookup: src_ip: 192.168.168.115
Oct 26 12:09:26 12:09:26.076707:CID-0:RT:ASL nat rule lookup: dst_ip: 192.168.168.115 port:0
Oct 26 12:09:26 12:09:26.076707:CID-0:RT:ASL nat rule lookup: lsys:0, ifp: vlan.0->vlan.0