From Bugzilla Helper: User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Q312461) Description of problem: When I try to log dhcp packets that come from dhcpcd -n they don't all get logged (despite the fact that tcpdump shows them) Here's my iptables: #Log anything in other than loopback $iptables -A INPUT -i ! lo -j LOG --log-prefix "INPUT:" #Log anything in other than loopback $iptables -A OUTPUT -o ! lo -j LOG --log-prefix "OUTPUT:" Version-Release number of selected component (if applicable): [user]# iptables --version iptables v1.2.4 How reproducible: Always Steps to Reproduce: 1. run the dhcpcd daemon 2. load the iptables described in the description 3. run tcpdump (tcpdump -n host yyy.yyy.yyy.yyy) 4. tell dhcpcd to renew the license (dhcpcd -n) Actual Results: tcpdump captures 3 packets (out, in, out): tcpdump: listening on eth0 13:20:32.720462 xxx.xxx.xxx.xxx.bootpc > yyy.yyy.yyy.yyy.bootps: xid:0x54496739 secs:3 C:xxx.xxx.xxx.xxx [|bootp] 13:20:32.754394 yyy.yyy.yyy.yyy.bootps > xxx.xxx.xxx.xxx.bootpc: xid:0x54496739 C:xxx.xxx.xxx.xxx Y:xxx.xxx.xxx.xxx [|bootp] (DF) 13:20:32.754859 xxx.xxx.xxx.xxx > yyy.yyy.yyy.yyy: icmp: xxx.xxx.xxx.xxx udp port bootpc unreachable [tos 0xc0] But iptables only logs 2 packets (in,out): [user]# tail /var/log/messages Mar 15 13:20:32 pokey kernel: INPUT:IN=eth0 OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=yyy.yyy.yyy.yyy DST=xxx.xxx.xxx.xxx LEN=359 TOS=0x00 PREC=0x00 TTL=253 ID=32883 DF PROTO=UDP SPT=67 DPT=68 LEN=339 Mar 15 13:20:32 pokey kernel: OUTPUT:IN= OUT=eth0 SRC=xxx.xxx.xxx.xxx DST=yyy.yyy.yyy.yyy LEN=387 TOS=0x00 PREC=0xC0 TTL=255 ID=1645 PROTO=ICMP TYPE=3 CODE=3 [SRC=yyy.yyy.yyy.yyy DST=xxx.xxx.xxx.xxx LEN=359 TOS=0x00 PREC=0x00 TTL=253 ID=32883 DF PROTO=UDP SPT=67 DPT=68 LEN=339 ] Expected Results: I would have expected iptables to log all 3 packets (out,in,out) Additional info: Feel free to email me for more details if necessary
kernel issue - the iptables userland package just tells the kernel modules what to do.
Third packet is icmp; that's not logged by default.
What's the userland package and how do I learn about it / configure it? thanks, d
Thanks for the bug report. However, Red Hat no longer maintains this version of the product. Please upgrade to the latest version and open a new bug if the problem persists. The Fedora Legacy project (http://fedoralegacy.org/) maintains some older releases, and if you believe this bug is interesting to them, please report the problem in the bug tracker at: http://bugzilla.fedora.us/