Re: Bridging firewall setup

Antony Stone wrote:
I don't know the answer to your question, but in situations like this I always think it's a good idea to turn on some LOGging so you can see where the packets are, and then you can try filtering them.


One thing you could do straight off is just request a detailed listing of the chains, to see if you have any packet counts at all:

iptables -L -n -v -x


will print out the filter tables in the INPUT, FORWARD and OUTPUT chains, and you should see from the byte & packet counters whether packets seem to have been going past.

You can do the same thing with the nat tables to see what happens just before & after the above:

iptables -L -t nat -n -v -x


Thanks for the suggestions. I tried these two commands and on both it shows 0 packets being filtered. I took the rules out of nat as they didn't seem to be doing anything.

However, if you simply put a LOG rule into all five chains, and then send some packet through the bridge, see what gets logged where:

iptables -I INPUT -j LOG
iptables -I FORWARD -j LOG
iptables -I OUTPUT -j LOG
iptables -I PREROUTING -t nat -j LOG
iptables -I POSTROUTING -t nat -j LOG



This is a production machine so leaving logging on for extended periods isn't an option since it would quickly fill up the logs. However, I turned it on briefly and, even though using tcpdump I see constant traffic through the bridge, the logs only show traffic going in and out to the bridge's IP that I have set up for maintenance, mostly my SSH session. Any ideas how I can get it to see the traffic going through?

Chris

--
Chris Brown
System Administrator / Web Application Developer
Wavetex Inc.
903-533-1700
http://wavetex.com/
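An added diagnostic helper for the situation above (not code from either poster): it emits the five LOG rules Antony listed but rate-limited with `-m limit` so a production box's logs do not flood, reports the bridge-netfilter sysctl that decides whether bridged frames are handed to iptables at all, and summarises per-chain counters from `iptables -L -n -v -x` output. The rule rates, log prefixes and the SAMPLE output are constructed for illustration.

```shell
#!/bin/sh
# Added diagnostic helper, not code from the thread. Sample output below is
# constructed; run the real commands as root on the bridge host.

# Print the five LOG rules, rate-limited so the logs stay readable on a
# production machine; the prefix tells you which chain fired.
log_rules() {
    for spec in "filter INPUT" "filter FORWARD" "filter OUTPUT" \
                "nat PREROUTING" "nat POSTROUTING"; do
        set -- $spec
        printf 'iptables -t %s -I %s -m limit --limit 5/min --limit-burst 10 -j LOG --log-prefix "%s: "\n' "$1" "$2" "$2"
    done
}

# Bridged frames only traverse iptables when this sysctl is 1 (the file exists
# once the bridge netfilter hooks are loaded); 0 or absent explains empty chains.
bridge_nf_status() {
    f=/proc/sys/net/bridge/bridge-nf-call-iptables
    if [ -r "$f" ]; then echo "bridge-nf-call-iptables=$(cat "$f")"
    else echo "bridge-nf-call-iptables: absent (bridge netfilter hooks not loaded)"; fi
}

# Read `iptables -L -n -v -x` output on stdin and print "CHAIN policy_pkts rule_pkts"
# per chain; a chain with both numbers at 0 has clearly seen nothing.
chain_counts() {
    awk '
    /^Chain / { c=$2; order[n++]=c; pol[c]=($3=="(policy") ? $5 : 0; rules[c]=0; next }
    /^ *pkts/ || NF==0 { next }
    c != "" { rules[c]+=$1 }
    END { for (i=0;i<n;i++) print order[i], pol[order[i]], rules[order[i]] }'
}

# Constructed sample: only INPUT/OUTPUT (the bridge's own maintenance IP)
# show traffic, FORWARD stays at zero, matching the symptom described above.
SAMPLE='Chain INPUT (policy ACCEPT 40 packets, 3200 bytes)
    pkts      bytes target     prot opt in     out     source               destination
      12      720 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 4

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       0        0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 4

Chain OUTPUT (policy ACCEPT 38 packets, 3040 bytes)
    pkts      bytes target     prot opt in     out     source               destination
      11      660 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 4'

# Usage on the bridge host (root):  log_rules | sh; bridge_nf_status;
#                                   iptables -L -n -v -x | chain_counts
```

On the constructed sample, `chain_counts` reports `FORWARD 0 0` while INPUT and OUTPUT carry counts, which is the pattern to look for before concluding the bridge traffic is bypassing the filter chains.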


