From mboxrd@z Thu Jan  1 00:00:00 1970
From: Florian Westphal <fw@strlen.de>
Subject: Re: Linux netfilter / iptables : How to enable iptables TRACE chain
 handling with nf_log_syslog on RHEL8+?
Date: Sun, 25 Jun 2023 20:35:11 +0200
Message-ID: <20230625183511.GC3207@breakpoint.cc>
References: <hhttuv65e9.fsf@jvdspc.jvds.net>
 <hhr0pz60h5.fsf@jvdspc.jvds.net>
Mime-Version: 1.0
Return-path: <netfilter-devel-owner@vger.kernel.org>
Content-Disposition: inline
In-Reply-To: <hhr0pz60h5.fsf@jvdspc.jvds.net>
List-ID: <netfilter.vger.kernel.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: Jason Vas Dias <jason.vas.dias@ptt.ie>, Jason Vas Dias <jason.vas.dias@gmail.com>
Cc: Florian Westphal <fw@strlen.de>, netfilter-devel@vger.kernel.org, netfilter@vger.kernel.org

Jason Vas Dias <jason.vas.dias@ptt.ie> wrote:
>   RE: you wrote:
>   > Run "xtables-monitor --trace".
> 
>   Thanks for the info about xtables-monitor - yes, that does give alot
>   of extra information about rule chain processing.
> 
>   But I'd just like to understand :
>     Why does this work under kernel v6.2.16 and not under v4.18.0-477 ?
>     :
>     # iptables -t raw -A PREROUTING -p icmp -j TRACE
>     # iptables -t raw -A OUTPUT -p icmp -j TRACE
>     # modprobe nf_log_ipv4
>     # echo nf_log_ipv4 > /proc/sys/net/netfilter/nf_log/2
> 
>   How can I enable the 'nf_log_syslog' module, so that it does
>   in fact emit TRACE kernel messages to syslog, as it purports
>   to be able to do, under v4.18.0-477 ?

You need to install iptables-legacy, not shipped in RHEL8.