[Bug 977] ulogd_inppkt_NFLOG.c:503 forcing unbind of existing log handler for protocol
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Fri Nov 21 14:39:55 CET 2014
https://bugzilla.netfilter.org/show_bug.cgi?id=977
--- Comment #21 from Eric Leblond <eric at regit.org> ---
Hello,
(In reply to Netbug from comment #20)
> Hi Eric,
>
> The new log; iptables-save_nflog_2 and the output I pasted for,
>
> cat /proc/net/netfilter/nf_log;
>
> All this is good now?
All i see in the iptables rules regarding NFLOG is:
-A INPUT -j NFLOG --nflog-prefix "Shorewall:INPUT:REJECT:"
-A FORWARD -j NFLOG --nflog-prefix "Shorewall:FORWARD:REJECT:"
-A OUTPUT -j NFLOG --nflog-prefix "Shorewall:OUTPUT:REJECT:"
-A logflags -j NFLOG --nflog-prefix "Shorewall:logflags:DROP:"
-A net-fw -j NFLOG --nflog-prefix "Shorewall:net-fw:DROP:"
-A net-vpn -j NFLOG --nflog-prefix "Shorewall:net-vpn:DROP:"
-A smurflog -j NFLOG --nflog-prefix "Shorewall:smurfs:DROP:"
-A vpn-net -j NFLOG --nflog-prefix "Shorewall:vpn-net:REJECT:"
So there is --nflog-group specified which means that the default group 0 is
used.
Thus if you have not another conf where --nflog-group 1 is used then no packet
will never come to log2 which listen to that event.
Is that the case ?
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20141121/62a8af6f/attachment.html>
More information about the netfilter-buglog
mailing list