[Reply CC'ed to the list] Sthu Deus a écrit : > Good time of the day, Pascal. > > Thank You for Your time and important to me answer. > You worte: > >> Is the UID missing for all packets or only for this one ? >> According to a quick test, it seems that the last ACK in a TCP >> connection does not have a UID (probably because the socket is >> closed). Packets generated by the kernel itself (TCP RST, ICMP >> messages...) do no have a UID. > > I have tested and found that it is true - only filtered out packets > have no UID - others had (when I logged all of them and just the > filtered out ones). > > Am I correct supposing that those packets having no UIDs are kernel > generated ones, and only?
I have no certainty, but I suppose so. >>> Also, may You know the answer to my curiocity, Why I can not locate >>> '-j LOG' in above iptables rule at the end of the rule? - For >>> iptables complains about unknown '--log-uid'. - I understand that >>> something is then missing before the sufix, but from iptables man. >>> it is not evident to me what. >> --log-* are options to the LOG target, so iptables does not expect >> them before. > > Oh, I've got the point - I though LOG target is same as others and > therefore failed understanding it. Thanks for explanation, again. The same as what others ? LOG is handles by iptables just as any other target or match. Its options must appear after its name. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
