Re: iptable mac address not showing in log
On Tuesday 19 of February 2013, sectech wrote:
> Hi, I need the mac address of the originating request of out going packets.
> Im not sure if im missing something or maybe debian squeeze does not have
> this functionality? But here is my iptable command and im logging ALL NEW
> requests out-going (INFO) on eth0
> iptables -A OUTPUT -o eth0 -p tcp -m state --state NEW -j LOG --log-level 6
> iptables -A OUTPUT -o eth0 -p udp -m state --state NEW -j LOG --log-level 6
> Feb 18 22:17:32 my-debian kernel: [50421.784255] IN= OUT=eth0 SRC=22.214.171.124
> DST=126.96.36.199 LEN=81 TOS=0x00 PREC=0x00 TTL=64 ID=13743 PROTO=UDP SPT=1765
> DPT=53 LEN=61
Hi, if you are logging in OUTPUT chain, then the MAC adress is the address of
your computer. Only packets generated by the computer itself are logged. In
this case see "ifconfig eth0" to get your MAC address.
Perhaps you wanted to log outgoing packets in the FORWARD chain?
=== WebStep, s.r.o. (Ltd.) ========= a step to the Web ===
address: Mezirka 1, 602 00 Brno, CZ, tel: +420 548 214 711
=== www.webstep.net ======= email@example.com ===