On Friday 26 March 2010 23:05:13 Jorge Salamero Sanz wrote: > And not log at all after adding: > > iptables -t mangle -A POSTROUTING -o eth1 -s 10.10.2.1 -j LOG > --log-prefix "WRONG on eth1: " > > iptables -t mangle -A POSTROUTING -o eth2 -s 10.10.1.1 -j LOG > --log-prefix "WRONG on eth2: >
It logs now, but only DNS queries Mar 27 05:13:06 ebox kernel: [ 9281.750081] WRONG on eth1: IN= OUT=eth1 SRC=10.10.2.1 DST=192.168.100.254 LEN=71 TOS=0x00 PREC=0x00 TTL=64 ID=17565 DF PROTO=UDP SPT=51482 DPT=53 LEN=51 Mar 27 05:13:09 ebox kernel: [ 9284.620646] WRONG on eth1: IN= OUT=eth1 SRC=10.10.2.1 DST=192.168.100.254 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=18283 DF PROTO=UDP SPT=39540 DPT=53 LEN=52 Mar 27 05:13:33 ebox kernel: [ 9309.256649] WRONG on eth1: IN= OUT=eth1 SRC=10.10.2.1 DST=192.168.100.254 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=24445 DF PROTO=UDP SPT=57312 DPT=53 LEN=52 but on the router I can only see http requests: 018724(0) win 5840 <mss 1460,sackOK,timestamp 1529911 0,nop,wscale 1> 05:13:43.084329 IP 10.10.2.1.33519 > 170.71.234.130.www: S 2051953003:2051953003(0) win 5840 <mss 1460,sackOK,timestamp 1529981 0,nop,wscale 1> 05:14:01.485246 IP 10.10.2.1.58763 > commerce.uk.sage.com.www: S 2347788949:2347788949(0) win 5840 <mss 1460,sackOK,timestamp 1534581 0,nop,wscale 1> 05:14:17.714025 IP 10.10.2.1.33671 > dcs-home-1.dcs.wisc.edu.www: S 2600480320:2600480320(0) win 5840 <mss 1460,sackOK,timestamp 1538638 0,nop,wscale 1> Any ideas ? -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
