Re: Iptables logging only output packets

[Jeffrey Laramie <JALaramie@Loudoun-Fairfax.com>]

James Martin wrote:

>Hi. My problem with Iptables is that it logs only
>outgoing packet, and not incoming ones.
>
>It is set up in a very simple way, more to do packet
>logging/capturing than to do do real firewalling. Its
>main purpose is a didactic one. 
>etho is connected to the Internet, and eth2 goes to
>the LAN (for some strange reasons the additional
>pcmcia ethernet card on the Toshiba laptop is
>recognized as eth1 and not as eth1, but this is fine).
>
>Following is the Iptables script:
>
>clear
>echo "1" > /proc/sys/net/ipv4/ip_forward
>/sbin/iptables -F
>/sbin/iptables --delete-chain 
>/sbin/iptables -t nat --delete-chain
>/sbin/iptables -t mangle --delete-chain
>  
>

You're not actually flushing the nat and mangle tables, you're only 
deleting user defined chains. This is better:

iptables="/sbin/iptables"

# Clear all previous chains.
$iptables -t filter -F
$iptables -t nat -F
$iptables -t mangle -F
$iptables -X

>/sbin/iptables -N entrata
>/sbin/iptables -N uscita
>/sbin/iptables -P INPUT  ACCEPT
>/sbin/iptables -P OUTPUT ACCEPT
>/sbin/iptables -P FORWARD ACCEPT
>/sbin/iptables -t nat -A POSTROUTING -o eth0 -j
>MASQUERADE
>/sbin/iptables -A FORWARD -i etho -o eth2 -j entrata 
>/sbin/iptables -A FORWARD -i eth2 -o eth0 -j uscita 
>/sbin/iptables -A entrata -j LOG --log-prefix
>"Firewall Entr: " --log-level "DEBUG" 
>/sbin/iptables -A uscita -j LOG --log-prefix "Firewall
>Usc: " --log-level "DEBUG" 
>
>What I get is log entries only with prefix "Firewall
>Usc: ", that is outgoing, and not even one packet with
>"Firewall Entr: " prefix.
>
>Any idea of what I am doing wrong ?
>
>Thanks,
>
>James
>
>
>  
>

Not having a valid eth1 interface seems odd. What does ifconfig give you?

Jeff