anyone is good with ULOG....
This command don't log anything on my nat.log..
iptables -t nat -A POSTROUTING -s 10.50.72.0/23 -o eth0 -j ULOG --ulog-cprange 512 --ulog-prefix "ULOG: "
Is necessary to change the syslog daemon with the ulogd daemon ?!?!
I need to log the client ip address, remote ip address, url requested.
I can't use squid because for my configuration i need to nat some specific subnet to a specific ip address and so on..
Thanks to anyone for valid idea..
X-Authentication-Warning: spoutnik.cartel-securite.net: Host styx.intrusion.cartel-securite.net [194.29.206.118] (may be forged) claimed to be elendil.intranet.cartel-securite.net
Subject: Re: nat logging
From: Cedric Blancher <blancher@xxxxxxxxxxxxxxxxxx>
To: Simone Sestini <simone.sestini@xxxxxxxxxx>
Organization: Cartel Sécurité
X-Mailer: Ximian Evolution 1.4.3
Date: 11 Aug 2003 10:46:28 +0200
X-MIME-Autoconverted: from quoted-printable to 8bit by elendil.intranet.cartel-securite.net id h7B8kSoi001320
X-Spam-Status: No, hits=-109.5 required=5
X-Scanned-By: MIMEDefang 2.30 (www . roaringpenguin . com / mimedefang)
Le lun 11/08/2003 à 10:25, Simone Sestini a écrit :
> so the new command should be something like ..
> iptables -t nat -A POSTROUTING -s 10.50.72.0/23 -o eth0 -j ULOG
> --ulog-cprange 512 --ulog-prefix "ULOG: "
Yes something like this.
But do not forget about "first packet restriction" in nat table.
> the documentation explain something about netlink group.. but i have
> no idea if i need to use that too..
I am not familiar with ULOG, so you should ask the list for its
configuration.
Greetings.
--
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
Simone Sestini [ SS971-RIPE ]
Plug IT s.p.a. - Technical Office
Via Ernesto Rossi
52100 Arezzo
Fax
Web
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
