I've been trying to debug the reason for my netfilter (kernel version 2.6.24-19) using: " -j ULOG --ulog-prefix drop-inbound:" logs being corrupted. By corrupted, I mean they look like: > Jan 1 00:00:00 cave IN=<87><9B> OUT= MAC= SRC=0.0.0.0 DST=0.0.0.0 > LEN=0 TOS=00 PREC=0x00 TTL=0 ID=0 PROTO=0 > Jan 1 00:00:00 cave IN=]<99> OUT= MAC= SRC=0.0.0.0 DST=0.0.0.0 LEN=0 > TOS=00 PREC=0x00 TTL=0 ID=0 PROTO=0 > Jan 1 00:00:00 cave IN=<D0>_^F OUT= MAC= SRC=0.0.0.0 DST=0.0.0.0 > LEN=0 TOS=00 PREC=0x00 TTL=0 ID=0 PROTO=0 > Jan 1 00:00:00 cave IN=/^A^G OUT= MAC= SRC=0.0.0.0 DST=0.0.0.0 LEN=0 > TOS=00 PREC=0x00 TTL=0 ID=0 PROTO=0 > Jan 1 00:00:00 cave IN=<E0><99> OUT= MAC= SRC=0.0.0.0 DST=0.0.0.0 > LEN=0 TOS=00 PREC=0x00 TTL=0 ID=0 PROTO=0 * Times are always the start of the unix epoch, * the interface is always non-ascii characters. (actual interface is eth0). * "drop-inbound" prefix is missing I'm currently logging with ulogd (ulogd Version 1.23): modprobe ipt_ULOG nlbufsiz=65535 flushtimeout=100 and ulogd.conf contains: bufsize=150000 rmem=131071 file="/var/log/firewall.log" plugin="/usr/lib/ulogd/ulogd_BASE.so" plugin="/usr/lib/ulogd/ulogd_LOGEMU.so" Other information is that this box is an Ubuntu Intrepid Xen virtual machine. The other virtual machines have no problem with logging packets, just this one. I'm now somewhat at a loss for how to debug this further so any pointers would really help. S. -- Simon Tennant _____________________________________________ fixed: .uk +44 20 7043 6756 .de +49 89 420 955 854 mob: .uk +44 78 5335 6047 .de +49 17 8545 0880 xmpp: simon@xxxxxxxxxxxxxx -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html