Linux k 2.4.3, debian woody, iptables v1.1.2
A port mapped statically from ppp0 to a computer on the inside (eth0)
iptables -t nat -A PREROUTING -p tcp -i ppp0 –dport 1234 -j DNAT –to-destination 10.1.1.200:4321
This works great.. Now, how can I log these connections?
I would have thought that something like
iptables -A FORWARD -i ppp0 -p tcp –dport 1234 -j LOG
should have done it, but I guess PREROUTING grabs the packet before it
even enters the rest of the chain,I tried with INPUT and changed the fw-
script positions to see if putting it in a different location in the
chain would help, but nothing I tried seemed to work…
any clue? (-j LOG is not valid in the -t nat table)
