Re: bridge logging

Hurley, Michael wrote:

I've run into an odd snag. Set up a bridge to protect a box that can't protect itself. Kernel 2.6.0,
iptables 1.2.9. I'm trying to log some client-server interaction, so I
created this rule:


# Log packets from and to the client on the bridge (target is -j LOG; prefix kept on one line)
iptables -A FORWARD -s $client -j LOG --log-level 7 --log-prefix "IPT CLIENT: "
iptables -A FORWARD -d $client -j LOG --log-level 7 --log-prefix "IPT CLIENT: "

FORWARD policy is ACCEPT. There are *no* other rules or chains.

I redirect kern.7 messages into their own log. But no info is getting captured
in there at all. tcpdump sees packets with the client IP.


What am I doing wrong and how can I log info going over the bridge to/from a
particular ip?

Hello Michael,

If you are attempting to perform this logging on a layer two (bridging) device then your logging rules will need to be based upon layer two addresses and not layer three (IP). A bridge ordinarily does not see layer three addresses.

Regards,
jim




Michael Hurley
Webmaster/SysAdmin
University of Connecticut School of Law
mhurley@xxxxxxxxxxxxx
(860) 570-5233
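An added example, not from the thread or from either poster: a small POSIX shell script that emits the two LOG rules from the post with the target spelled "-j LOG" and the prefix kept on one line, emits the layer-two equivalent that jim's reply points at (ebtables' log watcher; its option names are assumed from ebtables' documentation, the thread itself names no command), and filters a few constructed kern.log lines by the prefix so a defender can confirm the rules are actually firing. The client IP, the MAC address and the log lines are constructed placeholders, not captured traffic.

```shell
#!/bin/sh
# Added example (not from the original thread).  Assumptions: iptables with
# the LOG target, ebtables with the log watcher; all addresses and log lines
# below are constructed placeholders.

CLIENT="${CLIENT:-192.0.2.10}"                 # constructed address (TEST-NET-1)
CLIENT_MAC="${CLIENT_MAC:-02:00:00:00:00:0a}"  # constructed placeholder MAC
PREFIX="IPT CLIENT: "

# Layer-three rules as in the post, but with a valid "-j LOG" target.
# The rules are printed rather than applied so they can be reviewed first
# (pipe the output into sh to apply).  Passing the prefix as one quoted
# argument keeps its trailing space and avoids the line wrap seen in the post.
emit_log_rules() {
    printf 'iptables -A FORWARD -s %s -j LOG --log-level 7 --log-prefix "%s"\n' "$CLIENT" "$PREFIX"
    printf 'iptables -A FORWARD -d %s -j LOG --log-level 7 --log-prefix "%s"\n' "$CLIENT" "$PREFIX"
}

# Layer-two equivalent, following the reply in the thread: match the
# client's MAC with ebtables' log watcher.  --log-ip adds the IP header
# fields to the log line; -j CONTINUE logs without deciding the packet's
# fate.  (Option names assumed from ebtables' documentation.)
emit_l2_log_rules() {
    printf 'ebtables -A FORWARD -s %s --log-level 7 --log-prefix "EBT CLIENT: " --log-ip -j CONTINUE\n' "$CLIENT_MAC"
    printf 'ebtables -A FORWARD -d %s --log-level 7 --log-prefix "EBT CLIENT: " --log-ip -j CONTINUE\n' "$CLIENT_MAC"
}

# Constructed sample kern.log lines in the LOG target's field format
# (SRC=, DST=, PROTO= as the kernel emits them).  One unrelated line is
# mixed in to show the prefix filter doing its job.
SAMPLE_LOG='Jan 14 10:00:01 bridge kernel: IPT CLIENT: IN=br0 OUT=br0 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=64 PROTO=TCP SPT=43210 DPT=80
Jan 14 10:00:01 bridge kernel: IPT CLIENT: IN=br0 OUT=br0 SRC=198.51.100.5 DST=192.0.2.10 LEN=60 TTL=63 PROTO=TCP SPT=80 DPT=43210
Jan 14 10:00:02 bridge kernel: eth0: link up
Jan 14 10:00:03 bridge kernel: IPT CLIENT: IN=br0 OUT=br0 SRC=192.0.2.10 DST=198.51.100.53 LEN=76 TTL=64 PROTO=UDP SPT=5353 DPT=53'

# Keep only lines carrying our prefix and reduce each to "SRC DST PROTO",
# the view wanted when checking which flows a client is involved in.
client_flows() {
    printf '%s\n' "$SAMPLE_LOG" | grep -F "$PREFIX" | sed -n \
        's/.*SRC=\([^ ]*\) .*DST=\([^ ]*\) .*PROTO=\([^ ]*\).*/\1 \2 \3/p'
}

# Number of logged packets that involve the client: a non-zero count is
# the sanity check the poster's empty log could not give.
client_packet_count() {
    client_flows | grep -Fc "$CLIENT"
}

# Stand-alone run: show the rules, then the parsed flows.
emit_log_rules
emit_l2_log_rules
client_flows
```

The kern.7 redirect from the post still applies: the LOG target writes at the level given by --log-level, so the prefix is what ties a given syslog line back to a given rule, and grep -F on that prefix is the cheapest way to confirm the rule fired at all before digging into why a particular packet was or was not matched.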