On Thu, Nov 24, 2005 at 12:00:17PM +0100, Jozsef Kadlecsik wrote: > > >> So are there no diagnostics, absent rebuilding with netfilters debugging on, > > >> for tracing a packet in between mangle PREROUTING and nat PREROUTING? > > > Without further aid, no. > > Okay, so I've rebuilt 2.6.8 with NETFILTER_DEBUG=Y. What would be the next > > step? From what I can tell, NETFILTER_DEBUG isn't something turned on and > > off in /proc/net or /proc/sys/net, it just is "on," but I'm not quite sure > > what sort of debug messages we should be trying to get and how. > You should get debug messages logged with the 'kernel' syslog facility. > Look at /var/log/kern.log. Strangely, all that is appearing in /var/log/kern.log are my LOG targets, in other words, exactly what I was getting with NETFILTER_DEBUG=N. # grep NETFILTER_DEBUG /boot/config-`uname -r` CONFIG_NETFILTER_DEBUG=y # grep -v EEE /var/log/kern.log <no results> (where EEE is part of my prefix in --log-prefix for the LOG target). > I'm going to try to emulate your problem with nfsim using your setup and > the tcpdump results. Probably that can help. That would be great. Thanks-- -- Adam Rosi-Kessel http://adam.rosi-kessel.org
