How to Enable IPtables TRACE Target on Debian Squeeze (6)

Solution 1:

Seems like (i.e. works for me) with new kernel this is needed (for IPv4):

modprobe nf_log_ipv4
sysctl net.netfilter.nf_log.2=nf_log_ipv4

credits:

https://www.centos.org/forums/viewtopic.php?f=47&t=54411
upvoting other answers as they gave me important hints

Solution 2:

Run:

modprobe ipt_LOG

That fixed it for me.

Solution 3:

I found that I needed to perform both of the previous answers, in this order:

sudo modprobe ipt_LOG
sudo sysctl net.netfilter.nf_log.2=ipt_LOG

Here are a couple of things that I discovered along the way.

You can get a list of valid loggers (along with the currently selected logger) with the following:

cat /proc/net/netfilter/nf_log

The numbers here represent the protocol family numbers, as defined in /usr/include/bits/socket.h. 2 is AF_INET (that's IPv4), and 10 is AF_INET6 (IPv6).

Solution 4:

This worked for me sudo sysctl net.netfilter.nf_log.2=ipt_LOG

How to Enable IPtables TRACE Target on Debian Squeeze (6)

Solution 1:

Solution 2:

Solution 3:

Solution 4:

Tags:

Linux

Logging

Debian

Iptables

Log Files

Related

Recent Posts