DNAT to localhost

On Thu, 2002-11-14 at 00:53, Nix N. Nix wrote:
> On Wed, 2002-11-13 at 17:14, Bjørn Ruberg wrote:
> > On Wed, 2002-11-13 at 21:35, Nix N. Nix wrote:

[snip]

> I wrote a util that would open a SOCK_DGRAM socket and bind it to a
> specific interface, like 127.0.0.1:<some_port> or
> 192.168.1.1:<some_port> .  Thus, I had something listening on
> localhost:8080/udp.  I added the rule, then tried this from a computer
> on the 192.168.1.0/24 network (in bash):
>
> echo -n 'Abracadabra' > /dev/udp/192.168.1.1/80
>
> This had no effect.  It did have an effect without the rule and with my
> util listening on 192.168.1.1:80 .

Are you familiar with the brilliant tool netcat? You find it at
http://www.atstake.com/research/tools/

> > When you debug your iptables rules, turn on full logging to see what is
> > being dropped.
>
> How do I do that ?

Check out the LOG target (you'll find it in the netfilter docs) and find
out how it works. Then apply a LOG rule before you redirect. If what you
see there makes sense, apply (or add) a LOG rule after the redirect.
Then you will be able to debug your redirection properly.

You may also want to take a look at the utilities tcpdump and ethereal.
Be, however, aware that the source code to tcpdump has been trojaned in
at least one of the versions. Check with your Linux vendor
(www.redhat.com etc) for precompiled packages.

Bjørn
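
The LOG-before / LOG-after check suggested in the reply above, as an added example that is not part of the original message. The log prefixes, the source-network match, the host name `gw`, the sample log lines and the assumption that the snipped rule redirects UDP port 80 to 8080 are all constructed for illustration.

```shell
#!/bin/sh
# Added example: reading the output of a LOG rule placed before the redirect
# and one placed after it. Assumed rules (run as root; prefixes and the
# 192.168.1.0/24 match are illustrative, the redirect rule itself stays
# where it is in nat PREROUTING):
#   iptables -t nat -I PREROUTING 1 -s 192.168.1.0/24 -p udp --dport 80 \
#            -j LOG --log-prefix "PRE-NAT: "
#   iptables -I INPUT 1 -s 192.168.1.0/24 -p udp \
#            -j LOG --log-prefix "POST-NAT: "

# Constructed kernel log lines (trimmed) for one UDP packet to 192.168.1.1:80.
sample_log() {
cat <<'EOF'
Nov 14 01:02:03 gw kernel: PRE-NAT: IN=eth1 OUT= SRC=192.168.1.7 DST=192.168.1.1 LEN=39 TTL=64 ID=0 DF PROTO=UDP SPT=32770 DPT=80 LEN=19
Nov 14 01:02:03 gw kernel: POST-NAT: IN=eth1 OUT= SRC=192.168.1.7 DST=192.168.1.1 LEN=39 TTL=64 ID=0 DF PROTO=UDP SPT=32770 DPT=8080 LEN=19
EOF
}

# Read LOG lines on stdin, pair PRE-NAT and POST-NAT entries by source
# address and port, and report what happened to the destination in between.
check_redirect() {
    awk '
    function field(name,   i) {
        for (i = 1; i <= NF; i++)
            if (index($i, name "=") == 1) return substr($i, length(name) + 2)
        return ""
    }
    / PRE-NAT: /  { k = field("SRC") ":" field("SPT"); pre[k]  = field("DST") ":" field("DPT") }
    / POST-NAT: / { k = field("SRC") ":" field("SPT"); post[k] = field("DST") ":" field("DPT") }
    END {
        for (k in pre) {
            if (!(k in post))           print k " " pre[k] " -> (never reached INPUT)"
            else if (pre[k] == post[k]) print k " " pre[k] " -> unchanged"
            else                        print k " " pre[k] " -> " post[k]
        }
    }'
}

sample_log | check_redirect
```

A packet that shows up with the PRE-NAT prefix but never with POST-NAT was dropped or sent elsewhere between the two rules. The nat table only sees the first packet of each tracked connection, so later packets of the same flow appear only under the INPUT rule.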



