LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page Iptables log problem
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Closed Thread
  Search this Thread
Old 08-30-2009, 08:53 PM   #1
solink
LQ Newbie
 
Registered: Aug 2009
Posts: 4

Rep: Reputation: 0
Smile Iptables log problem

I made a nat box with iptables (V1.3.5) ,Kernel(2.6.18-8)

PC(172.16.0.2/24) ----NAT-eth0(172.16.0.1/24) ----NAT-eth1(222.121.0.1)------internet

nat IP pool at eth1 222.121.0.2-15

I get log by next command

iptables -t nat -A POSTROUTING -o eth1 -m state --state NEW -j LOG --log-level debug

and get a log

Aug 31 13:35:32 localhost kernel: IN= OUT=eth1 SRC=172.16.0.2 DST=119.147.50.111 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=18015 PROTO=TCP SPT=57971 DPT=22 LEN=40

But,it is not the format I need,because the log only shows two IP address, SRC(172.16.0.2) and DST(119.147.50.111).I want to get more IP info as I getting from ip_conntrack

cat /proc/net/ip_conntrack

tcp 6 431379 ESTABLISHED src=172.16.0.2 dst=119.147.50.111 sport=4000 dport=22 packets=80 bytes=6447 src=119.147.50.111 dst=222.121.0.2 sport=22 dport=4000 packets=64 bytes=12367 [ASSURED] mark=0 secmark=0 use=1

IP_conntrack log three address,src(172.16.0.2),dst(119.147.50.111) and

222.121.0.2 (translating ip)

My problem is how to making syslog item have three ip address,not just src and dst,without nat translation info

Anybody can help me,thanks!
Last edited by solink; 08-30-2009 at 09:18 PM.
 
Old 08-31-2009, 01:02 AM   #2
GrapefruiTgirl
LQ Guru
 
Registered: Dec 2006
Location: underground
Distribution: Slackware64
Posts: 7,594

Rep: Reputation: 556Reputation: 556Reputation: 556Reputation: 556Reputation: 556Reputation: 556
http://www.linuxquestions.org/questi...roblem-751362/

Hi there! Welcome to LQ

Let's keep the discussion in one place, shall we? Please do not post your issue more than once/in more than one place. If you have decided that you posted in in the wrong forum, please use the REPORT button, and ask that your thread be moved.

I'm going to have this one closed.
Thanks,
Sasha
 
  


Closed Thread



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Firewall log file, how to make several different log files with IPTables? newtovanilla Linux - Newbie 5 11-28-2008 12:39 PM
Deleted /var/log/messages, can't log any files-iptables chingyenccy Linux - Newbie 7 02-27-2005 04:03 PM
Iptables log problem _kossak_ Linux - Security 1 09-10-2003 01:31 PM
iptables, changing log file from /var/log/messages acid2000 Linux - Networking 3 03-11-2003 08:38 PM
iptables - I added a second nic and cannot ssh to it. Log shows a potential problem. ForumKid Linux - Security 12 01-18-2002 09:13 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:14 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration