How to log redirected packets

Abdul-Wahid Paterson abdulwahid at gmail.com
Thu Sep 9 14:04:26 CEST 2004


You need to add in the same matches as your redirect statements...So
one for each with the first one being:

iptables -t nat -A INSERT 1 -p tcp --dport 80 -j LOG --log-level debug

I have put this as an INSERT as it has to go above the redirect line.
Following this example you can make a LOG line for each of your
redirects.


Abdul-Wahid


On Wed, 8 Sep 2004 18:42:47 -0400, Khoa Nguyen <knguyen at megisto.com> wrote:
> Hi,
> 
> I have the following in the nat table:
> 
> [root at jungle log]# iptables -t nat -L -v
> Chain PREROUTING (policy ACCEPT 6 packets, 547 bytes)
>  pkts bytes target     prot opt in     out     source
> destination
>     2   120 REDIRECT   tcp  --  any    any     anywhere
> anywhere           tcp dpt:http redir ports 8081
>     0     0 REDIRECT   tcp  --  any    any     anywhere
> 172.16.6.5         tcp dpt:rtsp redir ports 8081
>     0     0 REDIRECT   tcp  --  any    any     172.16.6.5
> anywhere           tcp spt:rtsp redir ports 8081
>     0     0 REDIRECT   tcp  --  any    any     anywhere
> 172.16.6.6         tcp dpt:rtsp redir ports 8081
>     0     0 REDIRECT   tcp  --  any    any     172.16.6.6
> anywhere           tcp spt:rtsp redir ports 8081
> 
> Now I would like to log all redirected packets to a file. How do I do
> that? I did try the following but it didn't work:
> 
> iptables -t nat -A PREROUTING -j LOG --log-level debug
> 
> It only logged message destined to its local interface.
> 
> Thanks,
> 
> Khoa Nguyen
> 
>



More information about the netfilter mailing list