[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: checking the functioning of an ipchains module



On Sat, 1 Dec 2001, guy keren wrote:

> On 30 Nov 2001, Noam Meltzer wrote:
>
> > I guess you didn't really understand what i wanted. I don't want to see
> > that the module is loaded. I want to see what is it doing while it's
> > running.
>
> "what its doing" has different interpretations. if it is 'understanding
> how it works' - use the source, luke. if its seeing which packets get
> NATed - i _think_ there's an option to enable some kind of debug code in
> netfilter's code which _could_ help. or its something else? you might run
> a sniffer before the NAT box and after the NAT box, look at the output, and
> begin analising it ;)

be carefull... there be dragons here (in relation to the analysis part).

there is *supposed* to a file in /proc, which tells you which
connections are being nat'ed on your box, /proc/net/ip_masquerade. for
some reason, it's not there on my linux router. any ideas where it's
gone?

also (2 questions for the price of one email), i'm looking to implement
traffic limiting on the linux router for internal users (bofh? me?
never. what was your user name again?). what tools am i looking for?

kernel 2.4.16, approximately latest iptables.
-- 
mulix

http://www.pointer.co.il/~mulix/
http://syscalltrack.sf.net/



=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il