Re: Linux netfilter / iptables : How to enable iptables TRACE chain handling with nf_log_syslog on RHEL8+?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jason Vas Dias <jason.vas.dias@xxxxxx> wrote:
>   RE: you wrote:
>   > Run "xtables-monitor --trace".
> 
>   Thanks for the info about xtables-monitor - yes, that does give alot
>   of extra information about rule chain processing.
> 
>   But I'd just like to understand :
>     Why does this work under kernel v6.2.16 and not under v4.18.0-477 ?
>     :
>     # iptables -t raw -A PREROUTING -p icmp -j TRACE
>     # iptables -t raw -A OUTPUT -p icmp -j TRACE
>     # modprobe nf_log_ipv4
>     # echo nf_log_ipv4 > /proc/sys/net/netfilter/nf_log/2
> 
>   How can I enable the 'nf_log_syslog' module, so that it does
>   in fact emit TRACE kernel messages to syslog, as it purports
>   to be able to do, under v4.18.0-477 ?

You need to install iptables-legacy, not shipped in RHEL8.



[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux