* problem with bridge+iptables+ulog
@ 2003-03-12 7:20 B H R Balaji
0 siblings, 0 replies; 6+ messages in thread
From: B H R Balaji @ 2003-03-12 7:20 UTC (permalink / raw)
To: netfilter; +Cc: Antony Stone
Hi all
Can someone help? I have the following setup
x.x.x.1/24 x.x.x.2/24
+------+ +------+
| Router A |------+ +---------| PC B |
+------+ | | +------+
| |
eth0| | eth1
+-----+
| qos | (br0 = x.x.x.3/24)
+-----+
Router A is connected to internet
QOS box running with bridge
PC B is my LAPTOP
I am trying to make the ULOG using the following command
$IPTABLES -I INPUT -i eth1 -j ULOG --ulog-nlgroup 1 --ulog-cprange
--ulog-qthreshold 50 --ulog-prefix "EXT_IN"
I am not able to see any LOG here in my LOG file
when I do this without the interface
$IPTABLES -I INPUT -j ULOG --ulog-nlgroup 1 --ulog-cprange
--ulog-qthreshold 50 --ulog-prefix "EXT_IN"
I am able to see some logs using BR0
How can I get the logs from eth0 and eth1?
Any suggestion will be great
hare
* Problem with bridge+iptables+ulog
@ 2003-03-12 10:25 hare ram
2003-03-12 12:50 ` Arnt Karlsen
2003-03-13 21:51 ` Axel Christiansen
0 siblings, 2 replies; 6+ messages in thread
From: hare ram @ 2003-03-12 10:25 UTC (permalink / raw)
To: netfilter
Hi all
Can someone help? I have the following setup
x.x.x.1/24 x.x.x.2/24
+------+ +------+
| Router A |------+ +---------| PC B |
+------+ | | +------+
| |
eth0| | eth1
+-----+
| qos | (br0 = x.x.x.3/24)
+-----+
Router A is connected to internet
QOS box running with bridge
PC B is my LAPTOP
I am trying to make the ULOG using the following command
$IPTABLES -I INPUT -i eth1 -j ULOG --ulog-nlgroup 1 --ulog-cprange
--ulog-qthreshold 50 --ulog-prefix "EXT_IN"
I am not able to see any LOG here in my LOG file
when I do this without the interface
$IPTABLES -I INPUT -j ULOG --ulog-nlgroup 1 --ulog-cprange
--ulog-qthreshold 50 --ulog-prefix "EXT_IN"
I am able to see some logs using BR0
How can I get the logs from eth0 and eth1?
Any suggestion will be great
hare
* Re: Problem with bridge+iptables+ulog
2003-03-12 10:25 Problem with bridge+iptables+ulog hare ram
@ 2003-03-12 12:50 ` Arnt Karlsen
2003-03-12 15:46 ` hare ram
2003-03-13 21:51 ` Axel Christiansen
1 sibling, 1 reply; 6+ messages in thread
From: Arnt Karlsen @ 2003-03-12 12:50 UTC (permalink / raw)
To: netfilter
On Wed, 12 Mar 2003 15:55:34 +0530,
"hare ram" <hareram@sol.net.in> wrote in message
<078601c2e886$039a49e0$13fcc5cb@Housecall>:
> Hi all
>
> Can someone help? I have the following setup
>
> x.x.x.1/24 x.x.x.2/24
> +----------+ +------+
> | Router A |---------+ +---------| PC B |
> +----------+ | | +------+
> | |
> eth0| | eth1
> +-----+
> | qos | (br0 = x.x.x.3/24)
> +-----+
>
>
>
> Router A is connected to internet
> QOS box running with bridge
> PC B is my LAPTOP
>
> I am trying to make the ULOG using the following command
>
>
> $IPTABLES -I INPUT -i eth1 -j ULOG --ulog-nlgroup 1 --ulog-cprange
> --ulog-qthreshold 50 --ulog-prefix "EXT_IN"
..does eth1 have an ip address? Why does br0 have an ip address
at all? IMNTHO, it does not need it, but then I can generate logs
from: 'tcpdump -i $interface | grep -v $whatever-I-dont-need \
| grep $what-I-want.etc.iterate.greps.as.needed >> $logfile '
> I am not able to see any LOG here in my LOG file
>
> when I do this without the interface
>
> $IPTABLES -I INPUT -j ULOG --ulog-nlgroup 1 --ulog-cprange
> --ulog-qthreshold 50 --ulog-prefix "EXT_IN"
>
> I am able to see some logs using BR0
>
> How can I get the logs from eth0 and eth1?
>
> Any suggestion will be great
>
> hare
--
..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
Scenarios always come in sets of three:
best case, worst case, and just in case.
* Re: Problem with bridge+iptables+ulog
2003-03-12 12:50 ` Arnt Karlsen
@ 2003-03-12 15:46 ` hare ram
2003-03-13 0:01 ` Arnt Karlsen
0 siblings, 1 reply; 6+ messages in thread
From: hare ram @ 2003-03-12 15:46 UTC (permalink / raw)
To: Arnt Karlsen, netfilter
Hi
Thanks, BR0 has an IP because of monitoring purposes.
I would like to use IPTABLES to monitor the packets,
but I have not been able to do so; looking for help with the same.
hare
----- Original Message -----
From: "Arnt Karlsen" <arnt@c2i.net>
To: <netfilter@lists.netfilter.org>
Sent: Wednesday, March 12, 2003 6:20 PM
Subject: Re: Problem with bridge+iptables+ulog
> On Wed, 12 Mar 2003 15:55:34 +0530,
> "hare ram" <hareram@sol.net.in> wrote in message
> <078601c2e886$039a49e0$13fcc5cb@Housecall>:
>
> > Hi all
> >
> > Can someone help? I have the following setup
> >
> > x.x.x.1/24 x.x.x.2/24
> > +----------+ +------+
> > | Router A |---------+ +---------| PC B |
> > +----------+ | | +------+
> > | |
> > eth0| | eth1
> > +-----+
> > | qos | (br0 = x.x.x.3/24)
> > +-----+
> >
> >
> >
> > Router A is connected to internet
> > QOS box running with bridge
> > PC B is my LAPTOP
> >
> > I am trying to make the ULOG using the following command
> >
> >
> > $IPTABLES -I INPUT -i eth1 -j ULOG --ulog-nlgroup 1 --ulog-cprange
> > --ulog-qthreshold 50 --ulog-prefix "EXT_IN"
>
> ..does eth1 have an ip address? Why does br0 have an ip address
> at all? IMNTHO, it does not need it, but then I can generate logs
> from: 'tcpdump -i $interface | grep -v $whatever-I-dont-need \
> | grep $what-I-want.etc.iterate.greps.as.needed >> $logfile '
>
> > I am not able to see any LOG here in my LOG file
> >
> > when I do this without the interface
> >
> > $IPTABLES -I INPUT -j ULOG --ulog-nlgroup 1 --ulog-cprange
> > --ulog-qthreshold 50 --ulog-prefix "EXT_IN"
> >
> > I am able to see some logs using BR0
> >
> > How can I get the logs from eth0 and eth1?
> >
> > Any suggestion will be great
> >
> > hare
>
>
> --
> ..med vennlig hilsen = with Kind Regards from Arnt... ;-)
> ...with a number of polar bear hunters in his ancestry...
> Scenarios always come in sets of three:
> best case, worst case, and just in case.
>
>
>
* Re: Problem with bridge+iptables+ulog
2003-03-12 15:46 ` hare ram
@ 2003-03-13 0:01 ` Arnt Karlsen
0 siblings, 0 replies; 6+ messages in thread
From: Arnt Karlsen @ 2003-03-13 0:01 UTC (permalink / raw)
To: netfilter
On Wed, 12 Mar 2003 21:16:31 +0530,
"hare ram" <hareram@sol.net.in> wrote in message
<07cc01c2e8ae$8d8ee160$13fcc5cb@Housecall>:
> From: "Arnt Karlsen" <arnt@c2i.net>
> To: <netfilter@lists.netfilter.org>
> Sent: Wednesday, March 12, 2003 6:20 PM
> Subject: Re: Problem with bridge+iptables+ulog
>
>
> > On Wed, 12 Mar 2003 15:55:34 +0530,
> > "hare ram" <hareram@sol.net.in> wrote in message
> > <078601c2e886$039a49e0$13fcc5cb@Housecall>:
> >
> > > Hi all
> > >
> > > Can someone help? I have the following setup
> > >
> > > x.x.x.1/24 x.x.x.2/24
> > > +----------+ +------+
> > > | Router A |---------+ +---------| PC B |
> > > +----------+ | | +------+
> > > | |
> > > eth0| | eth1
> > > +-----+
> > > | qos | (br0 = x.x.x.3/24)
> > > +-----+
> > >
> > >
> > >
> > > Router A is connected to internet
> > > QOS box running with bridge
> > > PC B is my LAPTOP
> > >
> > > I am trying to make the ULOG using the following command
> > >
> > >
> > > $IPTABLES -I INPUT -i eth1 -j ULOG --ulog-nlgroup 1 --ulog-cprange
> > > --ulog-qthreshold 50 --ulog-prefix "EXT_IN"
> >
> > ..does eth1 have an ip address? Why does br0 have an ip address
> > at all? IMNTHO, it does not need it, but then I can generate logs
> > from: 'tcpdump -i $interface | grep -v $whatever-I-dont-need \
> > | grep $what-I-want.etc.iterate.greps.as.needed >> $logfile '
> >
> Hi
>
> Thanks, BR0 has an IP because of monitoring purposes.
>
> I would like to use IPTABLES to monitor the packets,
> but I have not been able to do so; looking for help with the same.
..ok, I monitor etc from a third nic inside my firewall, and left
my bridge and its interfaces, ip-less, outside my firewall.
--
..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
Scenarios always come in sets of three:
best case, worst case, and just in case.
* Re: Problem with bridge+iptables+ulog
2003-03-12 10:25 Problem with bridge+iptables+ulog hare ram
2003-03-12 12:50 ` Arnt Karlsen
@ 2003-03-13 21:51 ` Axel Christiansen
1 sibling, 0 replies; 6+ messages in thread
From: Axel Christiansen @ 2003-03-13 21:51 UTC (permalink / raw)
To: hare ram; +Cc: netfilter
Hello,
hare ram wrote:
> Hi all
>
> Can someone help? I have the following setup
>
> x.x.x.1/24 x.x.x.2/24
> +------+ +------+
> | Router A |------+ +---------| PC B |
> +------+ | | +------+
> | |
> eth0| | eth1
> +-----+
> | qos | (br0 = x.x.x.3/24)
> +-----+
>
>
> How can I get the logs from eth0 and eth1?
>
As far as I know you have to use the FORWARD chain and
will only get passing packets on the bridge interface. The
real interfaces (eth0 ...) only get hit when it has an
ip-address assigned and the packet's destination is the
bridge.
You also need 2 more patches from the bridge project at
sourceforge.
For me the ulog works fine on the bridge. What I never
cared about was in which direction the packets walk through.
Axel
--
public key: http://knex.ath.cx:8013/keys/pup_key.txt
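
The FORWARD-chain advice in the reply above, written out as an added example; it is not code from any poster in this thread. It assumes bridge-netfilter is active and the iptables physdev match is available, and the 64-byte copy range and the ETH0_IN prefix are constructed values (EXT_IN is the prefix used in the thread).

```sh
#!/bin/sh
# Added example: ULOG rules for a bridge, matched per physical port.
# Assumptions (not from the thread): bridge-netfilter is active and the
# iptables "physdev" match is available. The 64-byte copy range and the
# ETH0_IN prefix are constructed values; EXT_IN is the thread's prefix.

IPTABLES="${IPTABLES:-iptables}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = print the commands instead of running them

# ulog_rule CHAIN PORT PREFIX: log packets that entered the bridge on PORT.
ulog_rule() {
    chain="$1"; port="$2"; prefix="$3"
    set -- "$IPTABLES" -I "$chain" -m physdev --physdev-in "$port" \
        -j ULOG --ulog-nlgroup 1 --ulog-cprange 64 \
        --ulog-qthreshold 50 --ulog-prefix "$prefix"
    if [ "$DRY_RUN" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

bridge_ulog_rules() {
    # Packets bridged between eth0 and eth1 traverse FORWARD, not INPUT.
    ulog_rule FORWARD eth0 ETH0_IN
    ulog_rule FORWARD eth1 EXT_IN
    # Packets addressed to the bridge's own IP (br0) still arrive in INPUT;
    # physdev tells the two ports apart there as well.
    ulog_rule INPUT eth0 ETH0_IN
    ulog_rule INPUT eth1 EXT_IN
}

bridge_ulog_rules
```

With the default DRY_RUN=1 the script only prints the four commands; set DRY_RUN=0 and run it as root to install them.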