On Mon, Jul 11, 2011 at 9:52 PM, Javier Vasquez <j.e.vasquez.v@xxxxxxxxx> wrote:
> On Sun, Jul 10, 2011 at 6:35 PM, Robert Marmorstein <rmmarm@xxxxxxx> wrote:
>> ...
>>
>> It might help you to LOG packets that are REJECTED. Then if you continue to
>> have issues, you should be able to see more directly what's going on.
>>
>> To do that, add rules like directly before the ones with -J REJECT:
>>
>> iptables -A INPUT -j LOG -m limit --limit 3/minute
>> iptables -A FORWARD -j LOG -m limit --limit 3/minute
>>
>> Then you should look in /var/log/messages or /var/log/syslog (depending on
>> which logger you have installed) to see which packets are being dropped.
>>
>> You probably don't want these rules enabled all the time -- the log files
>> can get pretty big quickly -- but they are very helpful for debugging.
>>
>> If you continue to have issues, posting the LOG messages would help us know
>> more about what's going on.
>>
>> Robert
>
> Hi Robert, I tried the logging rules, but they didn't work as proposed:
>
> % sudo iptables -A INPUT -j LOG -m limit --limit 3/minute
> Password:
> iptables: Invalid argument. Run `dmesg' for more information.
>
> % sudo iptables -A FORWARD -j LOG -m limit --limit 3/minute
> iptables: Invalid argument. Run `dmesg' for more information.
>
> What dmesg shows is:
>
> x_tables: ip_tables: limit.0 match: invalid size 40 (kernel) != (user) 48
> x_tables: ip_tables: limit.0 match: invalid size 40 (kernel) != (user) 48
>
> I didn't find anything under:
>
> /var/log/messages.log
> /var/log/syslog.log
>
> The dmesg messages come from:
>
> /var/log/kernel.log
>
> Not sure if that helps any way to get some light, :-)
>
> Thanks,
>
> --
> Javier.
>

Translation of:

http://bbs.lemote.com/archiver/?tid-51375.html

Seems to indicate not to be an issue:

http://translate.google.com/translate?js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&sl=auto&tl=en&u=http%3A%2F%2Fbbs.lemote.com%2Farchiver%2F%3Ftid-51375.html

Perhaps I'll have to try tcpdump as suggested, :-)

--
Javier.
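
The dmesg lines quoted in this message report that the kernel and the iptables binary disagree on the size of the `limit` match data, so the LOG rules were never installed. As an added example (not part of the thread), this shell function summarises such x_tables size-mismatch lines from kernel log text; the names `xt_size_mismatches` and `sample_log` and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread.
# Reads kernel log text on stdin and prints one line per distinct
# x_tables size mismatch:
#   <table> <extension.rev> <match|target> kernel=<n> user=<n> count=<n>
xt_size_mismatches() {
    awk '
    /x_tables: .*invalid size [0-9]+ \(kernel\) != \(user\) [0-9]+/ {
        # Drop any timestamp or syslog prefix in front of "x_tables: ".
        sub(/^.*x_tables: /, "")
        # Remaining text has the shape shown in the thread:
        #   ip_tables: limit.0 match: invalid size 40 (kernel) != (user) 48
        split($0, f, " ")
        table = f[1]; sub(/:$/, "", table)
        kind  = f[3]; sub(/:$/, "", kind)
        key = table " " f[2] " " kind " kernel=" f[6] " user=" f[10]
        # Remember first-seen order so the output is stable.
        if (!(key in count)) order[++n_keys] = key
        count[key]++
    }
    END {
        for (i = 1; i <= n_keys; i++)
            print order[i] " count=" count[order[i]]
    }'
}

# Constructed sample input: the message format quoted in the thread,
# once with a dmesg-style timestamp, plus one unrelated line.
sample_log() {
    cat <<'EOF'
[  101.000000] x_tables: ip_tables: limit.0 match: invalid size 40 (kernel) != (user) 48
eth0: link up
x_tables: ip_tables: limit.0 match: invalid size 40 (kernel) != (user) 48
EOF
}

sample_log | xt_size_mismatches
```

On a live system the same function can read `dmesg` output or the kernel log file directly instead of the sample.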