From 9ff32b8a8b37ea564761a30adb1c188c65a6111f Mon Sep 17 00:00:00 2001
From: Owen <owen@txv.io>
Date: Thu, 7 May 2026 16:16:47 -0700
Subject: [PATCH] Fix not logging when rewriting nat

---
 netstack2/proxy.go | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/netstack2/proxy.go b/netstack2/proxy.go
index b08eea3..95fab6a 100644
--- a/netstack2/proxy.go
+++ b/netstack2/proxy.go
@@ -572,6 +572,18 @@ func (p *ProxyHandler) HandleIncomingPacket(packet []byte) bool {
 
 				// Store destination rewrite for handler lookups
 				p.destRewriteTable[dKey] = newDst
+
+				// Also store the resource ID under the rewritten destination key so that
+				// TCP/UDP handlers can find it after DNAT (they see the post-NAT dst IP).
+				if matchedRule.ResourceId != 0 {
+					rewrittenKey := destKey{
+						srcIP:   srcAddr.String(),
+						dstIP:   newDst.String(),
+						dstPort: dstPort,
+						proto:   uint8(protocol),
+					}
+					p.resourceTable[rewrittenKey] = matchedRule.ResourceId
+				}
 				p.natMu.Unlock()
 				logger.Debug("New NAT entry for connection: %s -> %s", dstAddr, newDst)
 			}