On 7/28/10 8:47 AM, Tom Eastep wrote: > I just read the ipt_LOG.c code and learned that the ethernet header > (MAC) is only included for INPUT packets (those where IN=xxx and > OUT=<empty>). So if a logged packet is being forwarded (IN= and OUT= are > both non-empty), then the log message will not include the ethernet > header. In my case, all but one usable address from my /29 are > configured on the firewall itself (I run Linux-vserver) so all logged > messages from the 'net' zone are INPUT packets.
This is contrasted with ipt_ULOG.c which includes the ethernet header when IN= is non-empty and there is a header associated with the packet. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
