Re: [Shorewall-users] iptrace doesn't log anything

Tom Eastep Wed, 19 Jun 2013 09:06:03 -0700

On 06/19/2013 07:57 AM, Igor Sverkos wrote:
> Hi,
> 
> does really nobody knows how to use the iptrace feature or if it is broken?
> 
>


Are you running ulogd? If so, the trace records may be in its syslogemu log.

root@gateway:/etc/default# shorewall iptrace -d 1.2.3.4
root@gateway:/etc/default# ping 1.2.3.4
PING 1.2.3.4 (1.2.3.4) 56(84) bytes of data.
^C
--- 1.2.3.4 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3000ms

root@gateway:/etc/default# tail /var/log/ulogd/ulogd_syslogemu.log
Jun 19 08:58:35 gateway TRACE: mangle:OUTPUT:rule:1  IN= OUT=eth1 MAC=
SRC=70.90.191.121 DST=1.2.3.4 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=0 DF
PROTO=ICMP TYPE=8 CODE=0 ID=9028 SEQ=4 UID=0 GID=0 MARK=0
Jun 19 08:58:35 gateway TRACE: mangle:accountout:rule:1  IN= OUT=eth1
MAC= SRC=70.90.191.121 DST=1.2.3.4 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=0
DF PROTO=ICMP TYPE=8 CODE=0 ID=9028 SEQ=4 UID=0 GID=0 MARK=0
Jun 19 08:58:35 gateway TRACE: mangle:accountout:return:6  IN= OUT=eth1
MAC= SRC=70.90.191.121 DST=1.2.3.4 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=0
DF PROTO=ICMP TYPE=8 CODE=0 ID=9028 SEQ=4 UID=0 GID=0 MARK=0
Jun 19 08:58:35 gateway TRACE: mangle:OUTPUT:rule:2  IN= OUT=eth1 MAC=
SRC=70.90.191.121 DST=1.2.3.4 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=0 DF
PROTO=ICMP TYPE=8 CODE=0 ID=9028 SEQ=4 UID=0 GID=0 MARK=0
Jun 19 08:58:35 gateway TRACE: mangle:OUTPUT:policy:3  IN= OUT=eth1 MAC=
SRC=70.90.191.121 DST=1.2.3.4 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=0 DF
PROTO=ICMP TYPE=8 CODE=0 ID=9028 SEQ=4 UID=0 GID=0 MARK=0
Jun 19 08:58:35 gateway TRACE: filter:OUTPUT:rule:3  IN= OUT=eth1 MAC=
SRC=70.90.191.121 DST=1.2.3.4 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=0 DF
PROTO=ICMP TYPE=8 CODE=0 ID=9028 SEQ=4 UID=0 GID=0 MARK=0
Jun 19 08:58:35 gateway TRACE: filter:eth1_out:rule:2  IN= OUT=eth1 MAC=
SRC=70.90.191.121 DST=1.2.3.4 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=0 DF
PROTO=ICMP TYPE=8 CODE=0 ID=9028 SEQ=4 UID=0 GID=0 MARK=0
Jun 19 08:58:35 gateway TRACE: filter:fw-net:rule:18  IN= OUT=eth1 MAC=
SRC=70.90.191.121 DST=1.2.3.4 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=0 DF
PROTO=ICMP TYPE=8 CODE=0 ID=9028 SEQ=4 UID=0 GID=0 MARK=0
Jun 19 08:58:35 gateway TRACE: mangle:POSTROUTING:policy:4  IN= OUT=eth1
MAC= SRC=70.90.191.121 DST=1.2.3.4 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=0
DF PROTO=ICMP TYPE=8 CODE=0 ID=9028 SEQ=4 UID=0 GID=0 MARK=0
Jun 19 08:58:35 gateway TRACE: rawpost:POSTROUTING:policy:1  IN=
OUT=eth1 MAC= SRC=70.90.191.121 DST=1.2.3.4 LEN=84 TOS=00 PREC=0x00
TTL=64 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=9028 SEQ=4 UID=0 GID=0 MARK=0
root@gateway:/etc/default#


-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Re: [Shorewall-users] iptrace doesn't log anything

Reply via email to