Re: iptables logging
From: Allen Kistler (ackistler@yahoo.com)
Date: 03/16/03
From: Allen Kistler <ackistler@yahoo.com> Date: Sun, 16 Mar 2003 17:52:01 GMT
me wrote:
> Hi all,
>
> Being new to Linux and iptables, you will excuse the ignorance.
>
> I need to be able to log the activities of our users and their network
> access. Using iptables I NAT the inside IP address, but my log only shows the
> path of the inside addresses.
> E.g. if 192.1.168.25 makes a request to 205.169.56.35, I only see the log
> trace of 192.1.168.25 as src and 192.1.168.1 as dst, that being the
> firewall. Can someone help and show how I can trace the NATed IP address
> as well?

Usually when you NAT to hide internal addresses, you use MASQUERADE or
SNAT in the POSTROUTING chain of the nat table. If you perform the
logging in the FORWARD chain of the filter table, you would see
unaltered addresses.

In the situation you describe, you're taking a packet from your private
LAN destined for the public Internet and changing the public destination
address to be the firewall's private interface. If that's really the
case, logging is the least of your worries. You've chopped your private
users off from all Internet access by breaking the routing of the
packets. Or have I misunderstood?
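
The arrangement described in the reply above (LOG in the FORWARD chain of the filter table, MASQUERADE in the POSTROUTING chain of the nat table), as an added example that is not part of the original message, together with a small parser for the resulting log lines. The interface names, the `FWD-OUT: ` prefix, the DROP forward policy and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Interface names and the log prefix are assumptions.
LAN_IF="eth1"; WAN_IF="eth0"; LOG_PREFIX="FWD-OUT: "

# Ruleset in iptables-restore format. A forwarded packet traverses
# filter/FORWARD before nat/POSTROUTING, so the LOG rule records the
# original inside source and the real Internet destination.
nat_log_ruleset() {
cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i $LAN_IF -o $WAN_IF -m state --state NEW -j LOG --log-prefix "$LOG_PREFIX"
-A FORWARD -i $LAN_IF -o $WAN_IF -j ACCEPT
-A FORWARD -i $WAN_IF -o $LAN_IF -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o $WAN_IF -j MASQUERADE
COMMIT
EOF
}

# Constructed kernel log lines of the kind the LOG rule above produces.
sample_log() {
cat <<'EOF'
Mar 16 17:40:02 fw kernel: FWD-OUT: IN=eth1 OUT=eth0 SRC=192.1.168.25 DST=205.169.56.35 LEN=60 TTL=63 ID=4242 DF PROTO=TCP SPT=32768 DPT=80 SYN
Mar 16 17:40:05 fw kernel: eth0: link up
Mar 16 17:40:09 fw kernel: FWD-OUT: IN=eth1 OUT=eth0 SRC=192.1.168.25 DST=205.169.56.35 LEN=84 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7 SEQ=1
EOF
}

# Print "src -> dst[:dport] proto" for each line carrying our prefix.
forward_flows() {
    awk -v prefix="$LOG_PREFIX" 'index($0, prefix) {
        src = dst = dpt = proto = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^\[/) break          # quoted inner packet of an ICMP error
            if ($i ~ /^SRC=/)   src = substr($i, 5)
            if ($i ~ /^DST=/)   dst = substr($i, 5)
            if ($i ~ /^DPT=/)   dpt = substr($i, 5)
            if ($i ~ /^PROTO=/) proto = substr($i, 7)
        }
        print src " -> " dst (dpt != "" ? ":" dpt : "") " " proto
    }'
}

sample_log | forward_flows
```

The ruleset can be checked as root with `nat_log_ruleset | iptables-restore --test` before loading it; loading it replaces the existing filter and nat rules.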