Re: debug iptables rules

Hi,

I set a LOG rule for port 80 traffic and it is working fine. I also
want to log the TPROXY rule, which redirects traffic from port 80 to
port 3129 (squid tproxy). What would the LOG rule for this be?


cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Tue Aug 23 00:00:02 2011

*mangle
:PREROUTING ACCEPT [2:294]
:INPUT ACCEPT [49:3610]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [43:3368]
:POSTROUTING ACCEPT [43:3368]
:DIVERT - [0:0]
-A PREROUTING -d 10.10.10.30/32 -p tcp -m tcp --dport 80 -j ACCEPT
-A PREROUTING -p tcp -m socket -j DIVERT
-A PREROUTING -p tcp -m tcp --dport 80 -j LOG --log-prefix "port 80" --log-level 1
-A PREROUTING -p tcp -m tcp --dport 80 -j TPROXY --on-port 3129 --on-ip 0.0.0.0 --tproxy-mark 0x1/0x1
-A DIVERT -j MARK --set-xmark 0x1/0xffffffff
-A DIVERT -j ACCEPT
COMMIT


Actually, I want to see the packets being redirected from port 80 to port 3129.

What is the use of the socket match? I tried to find out from Google and
also read some documentation, but I do not have a good understanding of
it. So kindly guide me on what the socket match is used for and how the
TPROXY match works.

Thanks,
Tej