Re: which rule dropped the packet?
Change the log rules to have different prefixes, ie:
iptables -i eth0 -d 192.168.0.0/16 -j LOG --log-prefix "PrivateLanFwd "
iptables -i eth0 -d 192.168.0.0/16 -j DROP
iptables -i eth0 -d 127.0.0.1/16 -j LOG --log-prefix "Localhost "
iptables -i eth0 -d 127.0.0.1/16 -j DROP
Then you'll know. Sort of annoying to have different rules like that, but, I
only have prefixes for a couple of different tables, and that narrows it down to
a couple of rules which are pretty easy to check by hand.
Ph: Country code 676 - 27946 or 878-1332
Quoting "Peter A. Felvegi" <email@example.com>:
> is there a way to easily find out which fw rule caused the packet to be
> dropped? the fw logs before drops, but the ips and ports are of little
> if i forward a port to the lan, it works fine, can reach a local machine
> from outside. if i forward the same port to another machine on the inet,
> the fw (on the machine that does the port forwarding) drops the packets.
> why could that be?
> thanks, p
> To UNSUBSCRIBE, email to firstname.lastname@example.org
> with a subject of "unsubscribe". Trouble? Contact
This mail sent from Tonga's Premiere Internet Cafe
Visit us online at http://www.cafe.afe.to
discussions @ http://www.nomoa.com/index.php
generic info @ http://www.tongatapu.net.to