On Mon, 20 Apr 2009, Jan Engelhardt wrote: > On Monday 2009-04-20 12:12, Jozsef Kadlecsik wrote: > > > >But ulogd2 requires the ULOG target > > What purpose would NFLOG serve then? Thanks for the correction. Still, whatever log target we consider (LOG/ULOG/NFLOG), currently there's no hook point at which a rule could be added to log the original and (src) NAT-ed IP addresses. > >> I think that Patrick is not going to like the idea of adding more hooks, > >> what do you think Patrick? > > > >Yes, the additional hook is suboptimal. But I couldn't find any other > >way to get the data. > > The rawpost_table, as in the RAWNAT branch of Xtables-addons. While > the additional table is probably just as suboptimal, at least you > can unload it. Increasing the number of the tables? I'd better add a module parameter to define the really used hook entry points for the tables (raw, mangle and maybe nat). Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
