How to log redirected packets

Jose Maria Lopez jkerouac at bgsec.com
Thu Sep 9 18:41:32 CEST 2004


On Thu, 09-09-2004 at 00:42, Khoa Nguyen wrote:
> Hi,
> 
> I have the following in the nat table:
> 
> [root at jungle log]# iptables -t nat -L -v
> Chain PREROUTING (policy ACCEPT 6 packets, 547 bytes)
>  pkts bytes target     prot opt in     out     source       destination
>     2   120 REDIRECT   tcp  --  any    any     anywhere     anywhere     tcp dpt:http redir ports 8081
>     0     0 REDIRECT   tcp  --  any    any     anywhere     172.16.6.5   tcp dpt:rtsp redir ports 8081
>     0     0 REDIRECT   tcp  --  any    any     172.16.6.5   anywhere     tcp spt:rtsp redir ports 8081
>     0     0 REDIRECT   tcp  --  any    any     anywhere     172.16.6.6   tcp dpt:rtsp redir ports 8081
>     0     0 REDIRECT   tcp  --  any    any     172.16.6.6   anywhere     tcp spt:rtsp redir ports 8081
> 
> 
> Now I would like to log all redirected packets to a file. How do I do
> that? I did try the following but it didn't work:
> 
> iptables -t nat -A PREROUTING -j LOG --log-level debug
> 

Try inserting the rule above the REDIRECT rules.
iptables -t nat -I PREROUTING -j LOG --log-level debug

This will log all your connections, so maybe you can insert
one identical rule for each REDIRECT rule you already have.
That would be better, so you just have logs from the rules
you really want.


> It only logged message destined to its local interface.
> 
> Thanks,
> 
> Khoa Nguyen
-- 
Jose Maria Lopez Hernandez
Technical Director of bgSEC
jkerouac at bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
SPAIN

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"
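
Added example, not part of the original message: one way to generate the per-rule LOG entries suggested in the reply, each with the same match as a REDIRECT rule and inserted directly above it. Assumptions: input is in `iptables -t nat -S PREROUTING` format, the sample ruleset is constructed from the listing in the question (http and rtsp written as ports 80 and 554), and the function names and log prefix are hypothetical.

```shell
#!/bin/sh
# Added example: print one LOG rule per REDIRECT rule, same match, placed
# directly above it. Reads `iptables -t nat -S PREROUTING` style lines on
# stdin and only prints commands; it does not modify the ruleset.

gen_log_rules() {
    pos=0      # position of the current rule in the original chain
    added=0    # LOG rules emitted so far; each one shifts later rules down
    while IFS= read -r line; do
        case $line in
            "-A PREROUTING "*) pos=$((pos + 1)) ;;
            *) continue ;;                       # skip -P lines and blanks
        esac
        case $line in
            *" -j REDIRECT"*) ;;
            *) continue ;;                       # not a REDIRECT rule
        esac
        match=${line#-A PREROUTING }             # drop the chain name
        match=${match%% -j REDIRECT*}            # keep only the match part
        case $line in
            *"--to-ports "*) port=${line##*--to-ports }; port=${port%% *} ;;
            *) port=same ;;                      # REDIRECT without a port
        esac
        # --log-prefix is limited to 29 characters, so keep it short.
        printf 'iptables -t nat -I PREROUTING %d %s -j LOG --log-level debug --log-prefix "REDIR-%s: "\n' \
            "$((pos + added))" "$match" "$port"
        added=$((added + 1))
    done
}

# Constructed sample: the five rules from the question in -S format.
sample_rules() {
    cat <<'EOF'
-P PREROUTING ACCEPT
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8081
-A PREROUTING -d 172.16.6.5/32 -p tcp -m tcp --dport 554 -j REDIRECT --to-ports 8081
-A PREROUTING -s 172.16.6.5/32 -p tcp -m tcp --sport 554 -j REDIRECT --to-ports 8081
-A PREROUTING -d 172.16.6.6/32 -p tcp -m tcp --dport 554 -j REDIRECT --to-ports 8081
-A PREROUTING -s 172.16.6.6/32 -p tcp -m tcp --sport 554 -j REDIRECT --to-ports 8081
EOF
}

sample_rules | gen_log_rules
```

The nat table is consulted only for the first packet of each connection, so every redirected connection produces one log line rather than one per packet.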



