Joe:
This isn't exactly what you asked for, but the effect is the same. After
marking a packet like so:
$iptables -t mangle -A PREROUTING -i $inet_iface -p tcp -s 0.0.0.0/0 -d $inet_ip --dport http -j MARK --set-mark 1
Use the same rule to add a log entry:
$iptables -t mangle -A PREROUTING -i $inet_iface -p tcp -s 0.0.0.0/0 -d $inet_ip --dport http -j LOG --log-level DEBUG --log-prefix "fwmark 1: "
So, it's not really logging marked packets, just using the same rule for
logging.
I looked in the man page, and couldn't figure out where --mark is
supposed to go.
- Brent Cook
On Wed, 27 Mar 2002, Joseph Mack wrote:
> I want to LOG packets with a fwmark. I can't get the syntax right.
> Here's one of my attempts to log all packets with fwmark==1. All
> get a syntax error.
>
> $iptables --mark 1 -j LOG --log-level DEBUG --log-prefix "fwmark 1: "
>
> I've tried about a dozen combinations using the typewriter-monkey-sonnet
> principle but haven't found how to do it.
>
> Thanks
> Joe
> --
> Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
> contractor to the National Environmental Supercomputer Center,
> mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>
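Added example, not part of either message in this thread: iptables tests an existing fwmark through the mark match module, written `-m mark --mark 1`, and the LOG rule has to be evaluated after the rule that sets the mark. The interface name, the 192.0.2.10 address and the DRY_RUN wrapper are assumptions made for this example.

```shell
#!/bin/sh
# Added example: mark HTTP traffic, then log by fwmark rather than by
# repeating the original match. Not code from the thread.

IPTABLES=${IPTABLES:-iptables}
INET_IFACE=${INET_IFACE:-eth0}      # assumed interface name
INET_IP=${INET_IP:-192.0.2.10}      # assumed address (documentation range)

# ipt: with DRY_RUN=1 (the default) print the rule for review instead of
# applying it. The printed form drops shell quoting, so it is for reading,
# not for pasting back into a shell.
ipt() {
    if [ "${DRY_RUN:-1}" = 1 ]; then
        printf '%s\n' "$IPTABLES $*"
    else
        "$IPTABLES" "$@"
    fi
}

mark_and_log_rules() {
    # 1. Set the mark. MARK does not end traversal, so later rules in
    #    the same chain still see the packet, now carrying fwmark 1.
    ipt -t mangle -A PREROUTING -i "$INET_IFACE" -p tcp -d "$INET_IP" \
        --dport http -j MARK --set-mark 1

    # 2. Log on the mark itself. --mark belongs to the "mark" match, so
    #    it must be preceded by -m mark. Appended (-A) after rule 1, this
    #    rule logs every packet carrying fwmark 1, whichever rule set it.
    ipt -t mangle -A PREROUTING -m mark --mark 1 \
        -j LOG --log-level debug --log-prefix "fwmark 1: "
}

# Show the two rules in order; run with DRY_RUN=0 as root to apply them.
mark_and_log_rules
```

The fwmark exists only inside the local kernel and is not carried on the wire, so the LOG rule sees only marks set on the same host.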