LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Iptables log problem (https://www.linuxquestions.org/questions/linux-networking-3/iptables-log-problem-751358/)

solink 08-30-2009 08:53 PM
Iptables log problem
 
I made a nat box with iptables (V1.3.5) ,Kernel(2.6.18-8)

PC(172.16.0.2/24) ----NAT-eth0(172.16.0.1/24) ----NAT-eth1(222.121.0.1)------internet

nat IP pool at eth1 222.121.0.2-15

I get log by next command

iptables -t nat -A POSTROUTING -o eth1 -m state --state NEW -j LOG --log-level debug

and get a log

Aug 31 13:35:32 localhost kernel: IN= OUT=eth1 SRC=172.16.0.2 DST=119.147.50.111 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=18015 PROTO=TCP SPT=57971 DPT=22 LEN=40

But,it is not the format I need,because the log only shows two IP address, SRC(172.16.0.2) and DST(119.147.50.111).I want to get more IP info as I getting from ip_conntrack

cat /proc/net/ip_conntrack

tcp 6 431379 ESTABLISHED src=172.16.0.2 dst=119.147.50.111 sport=4000 dport=22 packets=80 bytes=6447 src=119.147.50.111 dst=222.121.0.2 sport=22 dport=4000 packets=64 bytes=12367 [ASSURED] mark=0 secmark=0 use=1

IP_conntrack log three address,src(172.16.0.2),dst(119.147.50.111) and

222.121.0.2 (translating ip)

My problem is how to making syslog item have three ip address,not just src and dst,without nat translation info

Anybody can help me,thanks!

GrapefruiTgirl 08-31-2009 01:02 AM
http://www.linuxquestions.org/questi...roblem-751362/

Hi there! Welcome to LQ :)

Let's keep the discussion in one place, shall we? Please do not post your issue more than once/in more than one place. If you have decided that you posted in in the wrong forum, please use the REPORT button, and ask that your thread be moved.

I'm going to have this one closed.
Thanks,
Sasha


All times are GMT -5. The time now is 06:37 AM.