
Re: subnet routing problem



On January 29, 2004 10:14 am, Ronnie Pettersson wrote:
> Is there any way to debug/log the routing in the server/router. Would
> logging the FORWARD table in ip_tables work? if so, what would be a
> good command?
>
> Ronnie
>

Hi Ronnie,
if you are using iptables with a regular script (not the gui tool, don't know 
it too well) you can simply use something like the following at the top of 
your rules, before any jumps or ACCEPTS, to log things and then easily grep 
them from /var/log/messages:

$IPTABLES -A FORWARD -m limit -j LOG --log-prefix "NetF FORWARD CHAIN: "

you may want to set two rules, one for each direction:
(define LAN_1 to eth0 laptop side, and LAN_2 the embedded side's nic eth1)
LAN_1=eth0  #(logical LAN 1, say laptop side)
LAN_2=eth1  #(logical LAN 2, say embedded side)
$IPTABLES -A FORWARD -i $LAN_1 -m limit -j LOG --log-prefix "NetF FROM LAN1: "
$IPTABLES -A FORWARD -i $LAN_2 -m limit -j LOG --log-prefix "NetF FROM LAN2: "

you could filter it more with lines like:
$IPTABLES -A FORWARD -i $LAN_1 -d $LAN2_IP -m limit -j LOG --log-prefix "NetF FROM LAN1: "
$IPTABLES -A FORWARD -i $LAN_2 -d $LAN1_IP -m limit -j LOG --log-prefix "NetF FROM LAN2: "

Try a few pings and things, then:
grep -n "NetF FROM LAN" /var/log/messages

-- 
Pete Nesbitt, rhce
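
One way to go beyond the grep above, as an added example that is not part of the original message: group the logged packets by source and destination and mark flows that never got a packet back the other way, which is the usual sign of a one-sided routing problem. The function names, host name and addresses are constructed; the field layout (IN=, OUT=, SRC=, DST=) is that of the kernel's LOG target.

```shell
#!/bin/sh
# Constructed sample of /var/log/messages lines produced by the two LOG rules.
sample_log() {
cat <<'EOF'
Jan 29 10:20:01 router kernel: NetF FROM LAN1: IN=eth0 OUT=eth1 SRC=192.168.1.10 DST=192.168.2.20 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=4660 SEQ=1
Jan 29 10:20:01 router kernel: NetF FROM LAN2: IN=eth1 OUT=eth0 SRC=192.168.2.20 DST=192.168.1.10 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=7 PROTO=ICMP TYPE=0 CODE=0 ID=4660 SEQ=1
Jan 29 10:20:05 router kernel: NetF FROM LAN1: IN=eth0 OUT=eth1 SRC=192.168.1.10 DST=192.168.2.30 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=4661 SEQ=1
Jan 29 10:20:06 router kernel: NetF FROM LAN1: IN=eth0 OUT=eth1 SRC=192.168.1.10 DST=192.168.2.30 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=4661 SEQ=2
Jan 29 10:20:07 router sshd[812]: unrelated line that must be ignored
EOF
}

# Read syslog on stdin; print one line per logged (SRC, DST) pair:
#   <src> -> <dst> in=<if> out=<if> pkts=<n> reply=<yes|no>
# reply=no means no packet was logged in the reverse direction.
summarize_forward() {
  awk '
    /NetF FROM LAN[12]: / {
      src = dst = inif = outif = ""
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^SRC=/) src = substr($i, 5)
        else if ($i ~ /^DST=/) dst = substr($i, 5)
        else if ($i ~ /^IN=/) inif = substr($i, 4)
        else if ($i ~ /^OUT=/) outif = substr($i, 5)
      }
      if (src == "" || dst == "") next      # truncated or non-IP line
      key = src " " dst
      if (!(key in n)) order[++cnt] = key   # keep first-seen order
      n[key]++
      path[key] = "in=" inif " out=" outif
    }
    END {
      for (j = 1; j <= cnt; j++) {
        split(order[j], p, " ")
        rev = p[2] " " p[1]
        printf "%s -> %s %s pkts=%d reply=%s\n", p[1], p[2],
               path[order[j]], n[order[j]], ((rev in n) ? "yes" : "no")
      }
    }'
}

# Demo on the constructed sample; on the router: summarize_forward < /var/log/messages
sample_log | summarize_forward
```

Because the rules use -m limit without --limit, the default rate of 3/hour with a burst of 5 applies, so pkts counts logged packets rather than every forwarded packet, and a missing reply can also mean the limit was already used up.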



