if iptables rules drop that packet, will they be displayed in tcpdump
Keith Mastin
kmastin-PzQIwG9Jn9VAFePFGvp55w at public.gmane.org
Tue Nov 18 16:55:27 UTC 2003
> if iptables rules drop that packet, will they be displayed in tcpdump?
> Im guessing no, since they packets dont even get in the front door.
>
> I guess my alternatives are to disable the rules and then use tcpdump, or
> use the LOG functions in iptables...Probably easier to just temporarily
> disable the offending iptables rules.
>
> Im really wary of security now. Like paranoid.
If 1) security is a condiseration; and 2) you want to see the traffic your
firewall is battered with; and 3) you don't want to disable your packet
filter; then put a machine running snort outside the firewall.
--
Keith
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list