Logging packets with original address

Logging packets with original address

[prabha]

Hi
    I want to log some packets in the INPUT and FORWARD chains, but with
the
original address of the packets. (ie) with the destination address
before any DNAT
rule has been applied on the packet in the PREROUTING chain.
    When the packet comes to the INPUT / FORWARD chains, it will be
after any
DNAT has been applied. I do not want the NATted address to be present in

the logs, but the original address as the received interface saw it. Is
this possible?

Regards
Prabha

Re: Logging packets with original address

[Antony Stone]

On Wednesday 03 March 2004 9:10 am, prabha wrote:

> Hi
>     I want to log some packets in the INPUT and FORWARD chains, but with
> the original address of the packets. (ie) with the destination address
> before any DNAT rule has been applied on the packet in the PREROUTING chain.

You cannot do this because packets pass through the INPUT chain after they 
pass through PREROUTING.

>     When the packet comes to the INPUT / FORWARD chains, it will be
> after any DNAT has been applied.

Correct.

> I do not want the NATted address to be present in the logs, but the original
> address as the received interface saw it. Is this possible?

Put the LOG rule in the PREROUTING chain.

Regards,

Antony.

-- 
What is this talk of "software release"?
Our software evolves and matures until it is capable of escape, leaving a 
bloody trail of designers and quality assurance people in its wake.

                                                     Please reply to the list;
                                                           please don't CC me.