On Fri, Sep 03, 2004 at 08:41:42AM +0800, cc wrote: > Nick Drage wrote: > >>If I have iptables running and I do a tcpdump -i eth0, at what > >>point is tcpdump listening to the connection? > > > >tcpdump will see the packets before IPTables does anything to them. > > Thanks NIck for the info. Exactly what I wanted to know. Thanks... though Jason's explanation was rather better :) tcpdump is an excellent tool, but ( excuse me if I'm stating the obvious ), don't underestimate the usefulness of the logging rules in IPTables combined with tail -f /var/log/$logfile | grep $string_you_are_looking_for -- mors omnia vincit
