I've run into an odd snag.
Set up a bridge to protect a box that can't protect itself. Kernel 2.6.0,
iptables 1.2.9. I'm trying to log some client-server interaction, so I
created this rule:
iptables -A FORWARD -s $client -LOG --log-level 7 --log-prefix "IPT CLIENT:
"
iptables -A FORWARD -d $client -LOG --log-level 7 --log-prefix "IPT CLIENT:
"
FORWARD policy is ACCEPT. There are *no* other rules or chains.
I redirect kern.7 messages into its own log. But no info is getting captured
in there at all. tcpdump sees packets w/ client ip.
What am I doing wrong and how can I log info going over the bridge to/from a
particular ip?
/*************************************** .-"""-.
Michael Hurley ' \
Webmaster/SysAdmin |,. ,-. |
University of Connecticut School of Law |()L( ()| |
mhurley@xxxxxxxxxxxxx |,' `".| |
(860) 570-5233 |.___.',| `
***************************************/ .j `--"' ` `.
/ ' ' \
/ / ` `.
/ / ` .
/ / l |
. , | |
,"`. .| |
_.' ``. | `..-'l
| `.`, | `.
| `. __.j )
|__ |--""___| ,-'
`"--...,+"""" `._,.-' mh
