traffic logging

Marco Simioni m.simioni at gmail.com
Mon Aug 10 18:22:54 UTC 2009


Ok, ty.

I'll try to force to eth1. I'll let you know.

Regards,

Marco


2009/8/10, Wichert Akkerman <wichert at wiggy.net>:
> Modify whatever sets the iptables rule to count on the ethernet device
> instead of the tun device? Should be a fairly trivial change.
>
> On 8/10/09 15:39 , Marco Simioni wrote:
>> no ideas ?
>>
>> 2009/8/7 Marco Simioni<m.simioni at gmail.com>:
>>> You're right.
>>>
>>> On my old machine, i am receiving this log:
>>>
>>> Aug  7 09:35:53 izc kernel: [26916606.764000] IPTABLES IZC : IN=eth1
>>> OUT= MAC=X:X:X:X:X:X:X:X:X:X:X:X SRC=X.X.X.X DST=X.X.X.X LEN=89
>>> TOS=0x00 PREC=0x00 TTL=255 ID=8000 PROTO=UDP SPT=54528 DPT=53 LEN=69
>>>
>>> It is logging on interface eth1, not on tun0.
>>>
>>> Btw, the iptables command was the same, in up.sh:
>>>
>>> iptables -t nat -I PREROUTING 1 -j LOG -m state --state NEW
>>> --log-tcp-options --log-ip-options --log-prefix "IPTABLES : "
>>>
>>> What is the difference? Why on my old machine it logs on eth1, and on
>>> my new machine it logs on tun0? Something changed on chilli?
>>>
>>> Old machine setup:
>>>
>>> Linux izc 2.6.15-26-386 #1 PREEMPT Fri Sep 8 19:55:17 UTC 2006 i686
>>> GNU/Linux
>>> Ubuntu 6.06.1 LTS \n \l
>>> coova-chilli 1.0.12
>>>
>>> New machine setup:
>>>
>>> Linux izc.tecnofingroup.it 2.6.24-24-generic #1 SMP Fri Jul 24
>>> 22:46:06 UTC 2009 i686 GNU/Linux
>>> Ubuntu 8.04.3 LTS \n \l
>>> coova-chilli 1.0.14
>>>
>>> Something changed on chilli? Or on ubuntu? Or whatelse?
>>>
>>>
>>> Thank you i.a.,
>>>
>>> Marco
>>>
>>>
>>>
>>>
>>>
>>> 2009/8/6 EasyHorpak.com<info at easyhorpak.com>:
>>>> Mac address not appear on interfaces tun0.
>>>> Cause it virtual interfaces on eth1.
>>>>
>>>> wait for another additional..
>>>>
>>>>
>>>> ----- Original Message ----- From: "Marco Simioni"<m.simioni at gmail.com>
>>>> To:<chilli at coova.org>
>>>> Sent: Wednesday, August 05, 2009 7:06 PM
>>>> Subject: traffic logging
>>>>
>>>>
>>>>> Hi,
>>>>>
>>>>> i always logged network traffic throught my hotspot using this command
>>>>> in
>>>>> up.sh:
>>>>>
>>>>>    #(LOGGING)
>>>>>    iptables -t nat -I PREROUTING 1 -j LOG -m state --state NEW
>>>>> --log-tcp-options --log-ip-options --log-prefix "IPTABLES : "
>>>>>
>>>>> and this is the ouput in my syslog:
>>>>>
>>>>> Aug  5 18:01:02 izc kernel: [ 1430.272826] IPTABLES : IN=tun0 OUT=
>>>>> MAC= SRC=XX.XX.XX.XX DST=XX.XX.XX.XX LEN=52 TOS=0x00 PREC=0x00 TTL=128
>>>>> ID=7897 DF PROTO=TCP SPT=50034 DPT=80 WINDOW=8192 RES=0x00 SYN URGP=0
>>>>> OPT (020405B40103030201010402)
>>>>>
>>>>> The MAC part is always empty.
>>>>>
>>>>> I am pretty sure that this worked on another machines, with older
>>>>> chilli versions (1.0.12 and 1.0.13).
>>>>>
>>>>> Now i'm using 1.0.14, ubuntu binary build.
>>>>>
>>>>> Linux izc 2.6.24-24-generic #1 SMP Fri Jul 24 22:46:06 UTC 2009 i686
>>>>> GNU/Linux
>>>>>
>>>>> Ubuntu 8.04.3 LTS \n \l
>>>>>
>>>>> Suggestions?
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: chilli-unsubscribe at coova.org
>>>>> For additional commands, e-mail: chilli-help at coova.org
>>>>> Wiki: http://coova.org/wiki/index.php/CoovaChilli
>>>>> Forum: http://coova.org/phpBB3/viewforum.php?f=4
>>>>>
>>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: chilli-unsubscribe at coova.org
>>>> For additional commands, e-mail: chilli-help at coova.org
>>>> Wiki: http://coova.org/wiki/index.php/CoovaChilli
>>>> Forum: http://coova.org/phpBB3/viewforum.php?f=4
>>>>
>>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: chilli-unsubscribe at coova.org
>> For additional commands, e-mail: chilli-help at coova.org
>> Wiki: http://coova.org/wiki/index.php/CoovaChilli
>> Forum: http://coova.org/phpBB3/viewforum.php?f=4
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: chilli-unsubscribe at coova.org
> For additional commands, e-mail: chilli-help at coova.org
> Wiki: http://coova.org/wiki/index.php/CoovaChilli
> Forum: http://coova.org/phpBB3/viewforum.php?f=4
>
>



More information about the Chilli mailing list