On Sun, Nov 27, 2016 at 08:08:29PM +0800, Liping Zhang wrote: > From: Liping Zhang <zlpnobody@xxxxxxxxx> > > For example: > # iptables-translate -A OUTPUT -j LOG --log-uid > nft add rule ip filter OUTPUT counter log flags skuid > > # iptables-translate -A OUTPUT -j LOG --log-tcp-sequence \ > --log-tcp-options > nft add rule ip filter OUTPUT counter log flags tcp sequence,options > > # iptables-translate -A OUTPUT -j LOG --log-level debug --log-uid > nft add rule ip filter OUTPUT counter log level debug flags skuid > > # ip6tables-translate -A OUTPUT -j LOG --log-ip-options --log-macdecode > nft add rule ip6 filter OUTPUT counter log flags ip options flags ether > > # ip6tables-translate -A OUTPUT -j LOG --log-ip-options --log-uid \ > --log-tcp-sequence --log-tcp-options --log-macdecode > nft add rule ip6 filter OUTPUT counter log flags all Applied, thanks Liping. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
