Change the log rules to have different prefixes, ie:

    iptables -i eth0 -d 192.168.0.0/16 -j LOG --log-prefix "PrivateLanFwd "
    iptables -i eth0 -d 192.168.0.0/16 -j DROP
    iptables -i eth0 -d 127.0.0.1/16 -j LOG --log-prefix "Localhost "
    iptables -i eth0 -d 127.0.0.1/16 -j DROP

Then you'll know. Sort of annoying to have different rules like that, but, I only have prefixes for a couple of different tables, and that narrows it down to a couple of rules which are pretty easy to check by hand.

Pulu
----
Afe.to ANTS

Quoting "Peter A. Felvegi" <[EMAIL PROTECTED]>:

> hello,
>
> is there a way to easily find out which fw rule caused the packet to be
> dropped? the fw logs before drops, but the ips and ports are of little
> help.
> if i forward a port to the lan, it works fine, can reach a local machine
> from outside. if i forward the same port to another machine on the inet,
> the fw (on the machine that does the port forwarding) drops the packets.
> why could that be?
>
> thanks, p
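
An added example, not part of the original message: a Python script that tallies logged packets by their --log-prefix tag, so each drop maps back to the LOG/DROP rule pair that produced it, and packets from a LOG rule without a prefix stand out. The sample log lines are constructed, and the syslog layout (a "kernel:" tag with an optional uptime stamp) is an assumption about the local logging setup.

```python
import re
from collections import Counter

# Constructed sample syslog lines; hosts and addresses are illustrative only.
SAMPLE_LOG = """\
Jan 12 10:15:01 fw kernel: PrivateLanFwd IN=eth0 OUT=eth1 SRC=203.0.113.7 DST=192.168.1.10 LEN=60 TTL=52 PROTO=TCP SPT=51234 DPT=80 SYN
Jan 12 10:15:02 fw kernel: [ 4211.100] Localhost IN=eth0 OUT= SRC=203.0.113.9 DST=127.0.0.1 LEN=60 TTL=50 PROTO=TCP SPT=40000 DPT=25 SYN
Jan 12 10:15:04 fw kernel: PrivateLanFwd IN=eth0 OUT=eth1 SRC=203.0.113.7 DST=192.168.1.10 LEN=60 TTL=52 PROTO=TCP SPT=51235 DPT=80 SYN
Jan 12 10:15:05 fw kernel: IN=eth0 OUT= SRC=198.51.100.4 DST=203.0.113.1 LEN=40 TTL=240 PROTO=UDP SPT=53 DPT=33000
Jan 12 10:15:06 fw sshd[811]: Accepted publickey for admin from 198.51.100.20
"""

# "kernel:", an optional "[uptime]" stamp, then the --log-prefix text (may be
# empty), then the packet fields, which always begin with IN=.
LINE_RE = re.compile(
    r"kernel:\s+(?:\[\s*[\d.]+\]\s+)?(?P<prefix>.*?)\s*(?P<fields>IN=\S*\s.*)$"
)


def parse_line(line):
    """Return the prefix and KEY=value fields of one LOG line, or None."""
    m = LINE_RE.search(line)
    if m is None:
        return None  # not a netfilter LOG entry
    rec = dict(t.split("=", 1) for t in m.group("fields").split() if "=" in t)
    rec["prefix"] = m.group("prefix") or "(no prefix)"
    return rec


def drops_by_rule(log_text):
    """Count logged packets per prefix, i.e. per LOG/DROP rule pair."""
    records = filter(None, map(parse_line, log_text.splitlines()))
    return Counter(r["prefix"] for r in records)


def flows_for(log_text, prefix):
    """Distinct (SRC, DST, PROTO, DPT) tuples logged under one prefix."""
    records = filter(None, map(parse_line, log_text.splitlines()))
    return sorted({(r.get("SRC"), r.get("DST"), r.get("PROTO"), r.get("DPT"))
                   for r in records if r["prefix"] == prefix})


if __name__ == "__main__":
    for prefix, count in drops_by_rule(SAMPLE_LOG).most_common():
        print(f"{count:4d}  {prefix}")
        for flow in flows_for(SAMPLE_LOG, prefix):
            print("      src={} dst={} proto={} dport={}".format(*flow))
```

Entries reported as "(no prefix)" come from a LOG rule that was never given its own --log-prefix, which is the case the question describes.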

