New to netfilter/iptables. I am writing a small kernel module using netfilter hooks. For debugging I need to log the packets at the hooks NF_IP_POST_ROUTING and NF_IP_PRE_ROUTING. >From what I understand, the iptables chains "INPUT" and "OUTPUT" in the "filter" table are hooked in at NF_IP_LOCAL_IN and NF_IP_LOCAL_OUT respectively. So if I try to do something like : iptables -A OUTPUT -j ULOG --ulog-nlgroup 1 --ulog-prefix foo this will log the packets from the NF_IP_LOCAL_OUT hook. But I would like to log them from the NF_IP_POST_ROUTING (and NF_IP_PRE_ROUTING too) hooks. Is there a simple way to achieve this using iptables/netfilter? thanks for any help/pointers. Shavian. ps: I tried to do this (without fully understanding if it will work ): iptables -A POSTROUTING -t nat -j ULOG --ulog-nlgroup 1 --ulog-prefix foo but it didnt..
