[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: checking the functioning of an ipchains module



On Sat, 2001-12-01 at 12:19, mulix wrote:
> On Sat, 1 Dec 2001, guy keren wrote:
> 
> > On 30 Nov 2001, Noam Meltzer wrote:
> >
> > > I guess you didn't really understand what i wanted. I don't want to see
> > > that the module is loaded. I want to see what is it doing while it's
> > > running.
> >
> > "what its doing" has different interpretations. if it is 'understanding
> > how it works' - use the source, luke. if its seeing which packets get
> > NATed - i _think_ there's an option to enable some kind of debug code in
> > netfilter's code which _could_ help. or its something else? you might run
> > a sniffer before the NAT box and after the NAT box, look at the output, and
> > begin analising it ;)
> 
> be carefull... there be dragons here (in relation to the analysis part).
> 
> there is *supposed* to a file in /proc, which tells you which
> connections are being nat'ed on your box, /proc/net/ip_masquerade. for
> some reason, it's not there on my linux router. any ideas where it's
> gone?
> 
> also (2 questions for the price of one email), i'm looking to implement
> traffic limiting on the linux router for internal users (bofh? me?
> never. what was your user name again?). what tools am i looking for?
> 
> kernel 2.4.16, approximately latest iptables.
> -- 
> mulix
> 
> http://www.pointer.co.il/~mulix/
> http://syscalltrack.sf.net/
> 
> 
10x to mulix i got the direction I needed. There's a directory
"/proc/net/ip_masq/" (accurate for ipchains on 2.2.20, i dunno about
netfilter) which has information about all the modules loaded. Specific
to the module i was intersted about - ip_masq_icq.o there's a subdir in
the directory, called "icq" which has much more information.
What I didn't understand/foundout is if I can change information there
"live" (like when you do "echo "1" > /proc/sys/net/ipv4/ip_forward").
-- 
Noam Meltzer
tsnoam@zahav.net.il
ICQ: 4853872


=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il