Hey Nadim,

I suggest that you use the logging mechanism of iptables: put -j LOG lines in many tables; it will allow you to "see" the packets going through tables and chains. By default packets are logged in /var/log/messages.

A good schema of how it works:
http://iptables-tutorial.frozentux.net/iptables-tutorial.html#TRAVERSINGOFTABLES

A good example script of -j LOG:
http://iptables-tutorial.frozentux.net/iptables-tutorial.html#INCLUDE.TESTTABLES
(the option "--log-prefix" is important here to know where you are)

I also suggest that you don't drop a packet before logging it; you may add a logging rule to every DROP or REJECT rule you may have in your configuration. It also helps to know where the packet has been dropped.

Hope this helps.
Have a nice day,

Maxime Ducharme
Programmer / Network Security Specialist

----- Original Message -----
From: "nadim" <nadim@xxxxxxxxxx>
To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Sent: Thursday, August 12, 2004 3:47 AM
Subject: Primordial tool missing

> Hi,
>
> For you gurus this might be superfluous but for the lambda user a tool which
> given an input packet (xxx.xxx.xxx.xxx:tcp:25) and a set of rules, shows how
> the packet goes from one rule to the other and finally makes it to its
> destination, gets transformed or dropped.
>
> This would help enormously in understanding how this stuff works (no it's not
> that obvious) and I also think it would be a great help when adding rules.
>
> Does such a utility exist?
>
> Cheers, Nadim.
>
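The two suggestions in the reply above (a prefixed LOG rule in every table and chain, and a LOG rule ahead of each DROP), written out as an added example that is not part of the thread or of the linked tutorial. The sample address 192.0.2.10, the `TRACE:`/`DROP:` prefixes, the function names and the `APPLY` switch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: LOG rules that trace one flow through the netfilter tables.
# Dry run by default (commands are printed); APPLY=1 as root executes them.

# table:chain pairs of the classic mangle/nat/filter layout.
HOOKS="mangle:PREROUTING nat:PREROUTING mangle:INPUT filter:INPUT
mangle:FORWARD filter:FORWARD mangle:OUTPUT nat:OUTPUT filter:OUTPUT
mangle:POSTROUTING nat:POSTROUTING"

run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# trace_rules add|del SRC PROTO DPORT
# One LOG rule at the top of every chain, limited to the flow under test so
# the kernel log is not flooded. The prefix names the table and chain and
# stays under the 29-character limit of --log-prefix.
trace_rules() {
    op=$1 src=$2 proto=$3 dport=$4
    for hook in $HOOKS; do
        table=${hook%%:*}
        chain=${hook#*:}
        set -- -s "$src" -p "$proto" --dport "$dport" \
            -j LOG --log-prefix "TRACE:$table:$chain:"
        if [ "$op" = add ]; then
            run iptables -t "$table" -I "$chain" 1 "$@"
        else
            run iptables -t "$table" -D "$chain" "$@"
        fi
    done
}

# log_then_drop CHAIN MATCH...
# Appends a LOG rule directly before the DROP with the same match, so every
# dropped packet leaves a log line naming the chain that dropped it.
log_then_drop() {
    chain=$1
    shift
    run iptables -A "$chain" "$@" -j LOG --log-prefix "DROP:$chain:"
    run iptables -A "$chain" "$@" -j DROP
}

# Constructed sample flow: SMTP traffic from 192.0.2.10, plus a logged drop.
trace_rules add 192.0.2.10 tcp 25
log_then_drop INPUT -p tcp --dport 23
```

After sending the test packet, the prefixes that appear in the kernel log, in order, give the path it took; `trace_rules del` with the same arguments removes the tracing rules again.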