Jason Vas Dias <jason.vas.dias@xxxxxx> wrote: > RE: you wrote: > > Run "xtables-monitor --trace". > > Thanks for the info about xtables-monitor - yes, that does give alot > of extra information about rule chain processing. > > But I'd just like to understand : > Why does this work under kernel v6.2.16 and not under v4.18.0-477 ? > : > # iptables -t raw -A PREROUTING -p icmp -j TRACE > # iptables -t raw -A OUTPUT -p icmp -j TRACE > # modprobe nf_log_ipv4 > # echo nf_log_ipv4 > /proc/sys/net/netfilter/nf_log/2 > > How can I enable the 'nf_log_syslog' module, so that it does > in fact emit TRACE kernel messages to syslog, as it purports > to be able to do, under v4.18.0-477 ? You need to install iptables-legacy, not shipped in RHEL8.
