Open GoogleCodeExporter opened 8 years ago
they log also the traffic that may be allowed by the subsequent rules http://pastebin.ca/924799 03/10/08 14:46:27 changed by lubek The pastebin has expired. The possible ruleset is included: # create logb4end chains for target in filter nat; do $IPTABLES -t $target -N logb4end $IPTABLES -t $target -A logb4end -j LOG --log-level debug --log-prefix "B4END: " $IPTABLES -t $target -A logb4end -j RETURN done # INPUT $IPTABLES -I INPUT 1 -m state --state INVALID -j logb4end $IPTABLES -I INPUT 4 -p tcp --tcp-flags SYN SYN --tcp-option \! 2 -j logb4end $IPTABLES -I INPUT 11 -j logb4end # FORWARD $IPTABLES -I FORWARD 1 -m state --state INVALID -j logb4end $IPTABLES -A FORWARD -j logb4end # OUTPUT $IPTABLES -I OUTPUT 1 -m state --state INVALID -j logb4end $IPTABLES -I OUTPUT 6 -j logb4end #NEW $IPTABLES -t nat -I NEW 2 -j logb4end
Original issue reported on code.google.com by kemen04@gmail.com on 27 Jun 2008 at 1:30
kemen04@gmail.com
Original comment by kemen04@gmail.com on 17 Jul 2008 at 3:52
Original comment by kemen04@gmail.com on 8 Aug 2008 at 4:44
Original issue reported on code.google.com by
kemen04@gmail.com
on 27 Jun 2008 at 1:30