Le jeu 29/01/2004 à 13:59, Christophe.LINDHEIMER@xxxxxxxxxxxxxxxxxx a écrit : > My computer that is running iptables is 128.0.0.1 > An other computer has @ 128.0.0.2. > I try to followings commands : > iptables -t nat -A PREROUTING -i eth0 -j LOG > iptables -t mangle -A PREROUTING -i eth0 -j LOG > iptables -A INPUT -i eth0 -j LOG > if I ping 128.0.0.1 from 128.0.0.2, I see the packets in the syslog. > if I ping 128.0.0.10 ( for example ) from 128.0.0.2, there is nothing in the > syslog. > Is it normal ? Euh... Well... I do not have an idea of your general network setup, but I do not see why (according to the fact that your rules are issued on 128.0.0.1) a packet from 128.0.0.2 to 128.0.0.10 should get logged by 128.0.0.1... > I thought that I was going to see all the packets in the NAT and not only > the packets with the right IP @. All the packets _received_ by the box. > Missing something ??? If I'm right, you're missing the fact that packets from 128.0.0.2 to 128.0.0.10 are not seen by 128.0.0.1, so cannot get logged there. But, again, you should explain your LAN setup for us to be sure we discuss the same situation. -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread!
