<html>
<head>
<base href="https://bugzilla.netfilter.org/" />
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - trace target docs could be better"
href="https://bugzilla.netfilter.org/show_bug.cgi?id=1076">1076</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>trace target docs could be better
</td>
</tr>
<tr>
<th>Product</th>
<td>iptables
</td>
</tr>
<tr>
<th>Version</th>
<td>1.4.x
</td>
</tr>
<tr>
<th>Hardware</th>
<td>x86_64
</td>
</tr>
<tr>
<th>OS</th>
<td>Fedora
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>enhancement
</td>
</tr>
<tr>
<th>Priority</th>
<td>P5
</td>
</tr>
<tr>
<th>Component</th>
<td>iptables
</td>
</tr>
<tr>
<th>Assignee</th>
<td>netfilter-buglog@lists.netfilter.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>justin@devuyst.com
</td>
</tr></table>
<p>
<div>
<pre>I had a really hard time getting TRACE logging to work.
I guess the problem is a combination of the fact that
I'm not a hardcore sa and that the TRACE docs (
in the iptables-extensions manpage) mentioned
"ip(6)t_LOG or nfnetlink_log". When I saw that
the rule was matching I then started to search
for ipt_LOG which turned out to be unfruitful.
Eventually someone on irc gave me the right
answer which was:
modprobe nf_log_ipv4;
sysctl net.netfilter.nf_log.2=nf_log_ipv4;
and then it worked. Maybe the docs for TRACE
could be enhanced to include info like this or
at least pointers to the casual sa where to look.
I'm on fedora 24 which seems to be using
iptables v1.4.21.
Thanks,
jdv</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are watching all bug changes.</li>
</ul>
</body>
</html>