Netfilter NAT & LOG
sampsa@staff.netsonic.fi
sampsa@staff.netsonic.fi
Sun, 12 Mar 2000 15:17:50 +0200 (EET)
Hello again,
I've got some toughts more to share with you.
It seems that what says in netfilter home page about 0.90.4
"It has four useful targets: SNAT, DNAT, MASQUERADE and REDIRECT." is not
the whole truth. Also LOG seems to be accepted as target with -t nat.
Altought the log is not very useful because it does not tell how the
packet is mangled.
While I use NAT with IP range, I have cases when I sometimes need to be
able to check who did and what. So, could it be possible to implement NAT
specific fix to the LOG-target or some other way log the connections.
If it would be possible to select the logging on same line with actual
NAT command, would be great. I wonder what happened to -m log, wonder why
was it replaced with target LOG, this does serve less cases than the match
criteria. I think this is even incompatible with ipchains which had
logging option as separate option.
Umm, thinking while writing is bad for readers, but what I wanted to
know is.
1) can I use logging without -j LOG
2) can I get NAT source/destinatin changes printed with logging
- Sampsa Ranta
sampsa@netsonic.fi