On Fri, Sep 11, 2015 at 03:31:05PM +0200, Vieri Di Paola wrote: > [sorry, I previously replied only to Pablo instead of the mailing list] > > # cat /proc/net/netfilter/nf_log > 0 NONE (nfnetlink_log) > 1 NONE (nfnetlink_log) > 2 nfnetlink_log (nf_log_ipv4,nfnetlink_log) > 3 NONE (nfnetlink_log) > 4 NONE (nfnetlink_log) > 5 NONE (nfnetlink_log) > 6 NONE (nfnetlink_log) > 7 NONE (nfnetlink_log) > 8 NONE (nfnetlink_log) > 9 NONE (nfnetlink_log) > 10 NONE (nfnetlink_log) > 11 NONE (nfnetlink_log) > 12 NONE (nfnetlink_log) > > Do I need to change the backend? > eg. sysctl net.netfilter.nf_log.2=ipt_LOG You have to switch to nf_log_ipv4, yes. Otherwise the trace messages go to nfnetlink_log, thus you'll need ulogd2, which is something that you may not need in your setup. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
