[Bug 1076] New: trace target docs could be better
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Sat Jun 25 07:27:25 CEST 2016
https://bugzilla.netfilter.org/show_bug.cgi?id=1076
Bug ID: 1076
Summary: trace target docs could be better
Product: iptables
Version: 1.4.x
Hardware: x86_64
OS: Fedora
Status: NEW
Severity: enhancement
Priority: P5
Component: iptables
Assignee: netfilter-buglog at lists.netfilter.org
Reporter: justin at devuyst.com
I had a really hard time getting TRACE logging to work.
I guess the problem is a combination of the fact that
I'm not a hardcore sa and that the TRACE docs (
in the iptables-extensions manpage) mentioned
"ip(6)t_LOG or nfnetlink_log". When I saw that
the rule was matching I then started to search
for ipt_LOG which turned out to be unfruitful.
Eventually someone on irc gave me the right
answer which was:
modprobe nf_log_ipv4;
sysctl net.netfilter.nf_log.2=nf_log_ipv4;
and then it worked. Maybe the docs for TRACE
could be enhanced to include info like this or
at least pointers to the casual sa where to look.
I'm on fedora 24 which seems to be using
iptables v1.4.21.
Thanks,
jdv
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20160625/b700e79e/attachment.html>
More information about the netfilter-buglog
mailing list