The subject says it all. I have set up logging like so : -------------------------------------------------------------------------------------------------------------------- iptables -A INPUT -m state --state INVALID -j LOG --log-prefix "DROP INVALID " --log-ip-options --log-tcp-options iptables -A INPUT -i $INTIF ! -s $LAN -j LOG --log-prefix "SPOOFED PKT " iptables -A INPUT ! -i lo -j LOG --log-prefix "DROP " --log-ip-options --log-tcp-options iptables -A OUTPUT -m state --state INVALID -j LOG --log-prefix "DROP INVALID " --log-ip-options --log-tcp-options iptables -A OUTPUT ! -o lo -j LOG --log-prefix "DROP " --log-ip-options --log-tcp-options iptables -A FORWARD -m state --state INVALID -j LOG --log-prefix "DROP INVALID " --log-ip-options --log-tcp-options iptables -A FORWARD -i $INTIF ! -s $LAN -j LOG --log-prefix "SPOOFED PKT " iptables -A FORWARD ! -i lo -j LOG --log-prefix "DROP " --log-ip-options --log-tcp-options -------------------------------------------------------------------------------------------------------------------- and dmesg is flooded by DROP log messages etc. I have NETFILTER_NETLINK_LOG [=m] in the kenel config, but I don't know how to use it, (and what the module name is). Any pointers/help will be much appreciated. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
