[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: turning on verbose logging for iptables?



Dave Price écrivait :
> >   iptables -I FORWARD -s $sourceIPtoSpy -j LOGIT
> >   iptables -I FORWARD -d $sourceIPtoSpy -j LOGIT
> Do I 'hard code' the sourceIPtoSpy ? ...

You may.

> Should that be the system inside my LAN, or the remote VPN router?

The one you want to spy for.
You can spy both of them if you want!

You can use as much "iptables -I FORWARD -s $differentIPtoSpy -j LOGIT"
as you want without changing your main firewall rules.

Just be carefull about the logs: they may be huge!

Regards, J.C.


-- 
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org



Reply to: