Re: turning on verbose logging for iptables?

To: Dave Price <davep@kinaole.org>
Cc: Debian Firewall List <debian-firewall@lists.debian.org>
Subject: Re: turning on verbose logging for iptables?
From: Jean Christophe ANDRÃ? <jean-christophe.andre@auf.org>
Date: Wed, 17 Jul 2002 21:01:17 +0700
Message-id: <[🔎] 20020717140116.GD10321@virus.home>
In-reply-to: <[🔎] 20020717074507.E15194@kinaole.org>
References: <[🔎] 20020717072527.B15194@kinaole.org> <[🔎] 20020717133331.GB10321@virus.home> <[🔎] 20020717074507.E15194@kinaole.org>

Dave Price écrivait :
> >   iptables -I FORWARD -s $sourceIPtoSpy -j LOGIT
> >   iptables -I FORWARD -d $sourceIPtoSpy -j LOGIT
> Do I 'hard code' the sourceIPtoSpy ? ...

You may.

> Should that be the system inside my LAN, or the remote VPN router?

The one you want to spy for.
You can spy both of them if you want!

You can use as much "iptables -I FORWARD -s $differentIPtoSpy -j LOGIT"
as you want without changing your main firewall rules.

Just be carefull about the logs: they may be huge!

Regards, J.C.


-- 
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- turning on verbose logging for iptables?
  - From: Dave Price <davep@kinaole.org>
- Re: turning on verbose logging for iptables?
  - From: Jean Christophe ANDRÃ? <jean-christophe.andre@auf.org>
- Re: turning on verbose logging for iptables?
  - From: Dave Price <davep@kinaole.org>

Prev by Date: Re: turning on verbose logging for iptables?
Next by Date: Re: woody firewall broken?
Previous by thread: Re: turning on verbose logging for iptables?
Next by thread: FOLLOWUP Re: turning on verbose logging for iptables?
Index(es):
- Date
- Thread