On October 2, 2004 05:24 pm, mlist@xxxxxxxxx wrote:
> Hi
>
> I installed Fedora core 2 and configured iptables with Guarddog and all
> works correctly (I know to configure iptables manually is better but I need
> to study it before manually write a configuration file).
> My problem is that I need to know if is possible or not always logging
> source mac address. With guarddog I tried all log levels ("debug", "alert",
> "critical") but the problem is that mac address is not always registered.
> Is there a way to log in all conditions (not only with drop or reject) the
> source mac address???
>
You do realize that you can only see the MAC address if you happen to be
connected to the same network segment -- okay make that physical connection
-- as the other end of the connection? (there are instances of bridged
networks where you won't see mac from other end even on the same segment)
You will NOT be able to see the MAC address of the other end of a connection
if it has been routed. Although you might see a MAC address in say
ethereal, it will be the MAC address of the other end of that physical hop --
i.e. the next router in the link.
( I think I said that straight --- but I'm kinda sleepy)
Alistair Tonner
> Thanks a lot
> Marco
> Italy
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.771 / Virus Database: 518 - Release Date: 28/09/2004
