[Firehol-support] 1.83 DNAT logging question

Allen K. Smith allen at falconstudios.com
Tue Jan 28 20:25:01 CET 2003


Hi,

Great tool. I have a question about 1.83.

The following rule:

dnat to 10.10.10.129 inface eth0 src 10.10.10.0/24 dport 25 log "SMTP
REDIRECT"

Creates these lines (from firehol debug):

/sbin/iptables -t nat -N nat.4   # L:43
/sbin/iptables -t nat -A PREROUTING -i eth0 -s 10.10.10.0/24 --dport 25
-j LOG --log-level warning --log-prefix=SMTP\ REDIRECT:   # L:43
/sbin/iptables -t nat -A PREROUTING -i eth0 -s 10.10.10.0/24 --dport 25
-j nat.4   # L:43
/sbin/iptables -t nat -A nat.4 -j LOG --log-level warning
--log-prefix=SMTP\ REDIRECT:   # L:43
/sbin/iptables -t nat -A nat.4 -j DNAT --to-destination 10.10.10.129   #
L:43

Should there be two -j LOG lines generated?

Thanks,
Allen






More information about the Firehol-support mailing list