tcpdump and Iptables
nickd at metastasis.org.uk
Fri Sep 3 12:23:21 CEST 2004
On Fri, Sep 03, 2004 at 08:41:42AM +0800, cc wrote:
> Nick Drage wrote:
> >>If I have iptables running and I do a tcpdump -i eth0, at what
> >>point is tcpdump listening to the connection?
> >tcpdump will see the packets before IPTables does anything to them.
> Thanks NIck for the info. Exactly what I wanted to know.
Thanks... though Jason's explanation was rather better :)
tcpdump is an excellent tool, but ( excuse me if I'm stating the obvious
), don't underestimate the usefulness of the logging rules in IPTables
tail -f /var/log/$logfile | grep $string_you_are_looking_for
mors omnia vincit
More information about the netfilter