Re: [security] iptables
also sprach GARGIULO Eduardo INGDESI (on Mon, 02 Jul 2001 04:25:57PM -0300):
> I was using ipchains, but now I have kernel v2.4.5 with iptables.
> I want to know how to monitor masqueraded connections. I mean the
> output of
>
> ipchains -L -M -v
>
> using iptables. I didn't found it in man iptables.
well, a masquerade entry for iptables is achieved with the line:
iptables -t nat -A POSTROUTING -s $INTRANETSUBNET -j MASQUERADE
so intuitively, you'd view the entry with
iptables -t nat -L -M -v
*but* that doesn't work because iptables has been cleaned entirely off
the masquerading stuff (which is now a module) so as to be a real
packet filter, not a mangler. anyway, the netfilter team left the -M
switch out because sooner or later, iptables won't do any masquerading
anymore as it's not supposed to do that in the first place.
to monitor masq'd connections, i use iptraf, which works quite well
actually.
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck
--
printer not ready.
could be a fatal error.
have a pen handy?
Reply to:
- References:
- iptables
- From: GARGIULO Eduardo INGDESI <YAPEDU@SIDERAR.COM>