why my kernel is not logging the packets

ilnli · 01-22-2005, 05:48 AM

Code:

root@DARKSTAR:~# iptables -L -v -n
Chain INPUT (policy ACCEPT 443 packets, 206K bytes)
 pkts bytes target     prot opt in     out     source               destination
  437  206K LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 4

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 4

Chain OUTPUT (policy ACCEPT 504 packets, 48767 bytes)
 pkts bytes target     prot opt in     out     source               destination
  492 47289 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 4
root@DARKSTAR:~# lsmod
Module                  Size  Used by    Tainted: P
ipt_MASQUERADE          1304   0  (unused)
iptable_nat            15438   0  [ipt_MASQUERADE]
ipt_TOS                  984   0  (unused)
ip_conntrack_irc        3024   0  (unused)
ip_conntrack_ftp        3888   0  (unused)
ipt_REJECT              3160   0  (autoclean)
iptable_mangle          2072   0  (autoclean) (unused)
ppp_deflate             3256   1  (autoclean)
zlib_deflate           18328   0  (autoclean) [ppp_deflate]
bsd_comp                4344   0  (autoclean)
ppp_async               7392   1  (autoclean)
ppp_generic            19492   3  (autoclean) [ppp_deflate bsd_comp ppp_async]
slhc                    4976   1  (autoclean) [ppp_generic]
appletalk              21124   1  (autoclean)
ipx                    17220   1  (autoclean)
snd-pcm-oss            37736   1
snd-mixer-oss          12504   0  [snd-pcm-oss]
ipt_LOG                 3416   3  (autoclean)
ipt_limit                856   0  (autoclean)
ipt_state                504   0  (autoclean)
ip_conntrack           19236   3  (autoclean) [ipt_MASQUERADE iptable_nat ip_conntrack_irc ip_conntrack_ftp ipt_state]
iptable_filter          1644   1  (autoclean)
ip_tables              12416  11  [ipt_MASQUERADE iptable_nat ipt_TOS ipt_REJECT iptable_mangle ipt_LOG ipt_limit ipt_state iptable_filter]
snd-intel8x0           18924   2
snd-ac97-codec         49500   0  [snd-intel8x0]
gameport                1420   0  [snd-intel8x0]
snd-pcm                56072   0  [snd-pcm-oss snd-intel8x0]
snd-timer              13604   0  [snd-pcm]
snd-page-alloc          6328   0  [snd-intel8x0 snd-pcm]
snd-mpu401-uart         3200   0  [snd-intel8x0]
snd-rawmidi            12740   0  [snd-mpu401-uart]
snd-seq-device          3888   0  [snd-rawmidi]
snd                    30852   1  [snd-pcm-oss snd-mixer-oss snd-intel8x0 snd-ac97-codec snd-pcm snd-timer snd-mpu401-uart snd-rawmidi snd-seq-device]
soundcore               3460   4  [snd]
usb-ohci               19240   0  (unused)
ehci-hcd               17580   0  (unused)
sis900                 12396   1
crc32                   2880   0  [sis900]
hsfpcibasic2           41228   2
hsfserial              29736   2  [hsfpcibasic2]
hsfengine            1111540   0  [hsfserial]
hsfosspec              58564   2  [hsfpcibasic2 hsfserial hsfengine]
usbcore                59308   1  [usb-ohci ehci-hcd hsfosspec]
hsfsoar                53320   0  [hsfpcibasic2]
ntfs                   51424   2  (autoclean)
ide-scsi                9328   0
agpgart                43940   0  (unused)
root@DARKSTAR:~#

trickykid · 01-22-2005, 09:58 AM

Not sure why you included your lsmod output but are you referring to or asking why your kernel isn't logging any iptable packets? After setting up the iptable rules, did you restart your syslogging? Did you test by attempting to connect to one of your rules you've placed and watched your log output?

ilnli · 01-22-2005, 11:40 AM

thanx i got it

trickykid · 01-22-2005, 04:41 PM

Quote:

Originally posted by ilnli
thanx i got it

Care to share what your solution was? You know others that have the same questions looking for answers might benefit from your solution.

ilnli · 01-23-2005, 01:11 PM

actually I was getting kernel messages in other file rather than /var/log/messages which I came to know after having a look on my /etc/syslog.conf file.