0

I want to log traffic details for every packet using IPTABLES on mirrored traffic coming from a switch on my interface em4 with -j LOG option. I saw a similar scenario here.

em4 is in promisc mode. I'm using the following commands but the rule is not getting hit and I cannot see logs in /var/log/messages

tunctl -u root
brctl addbr br0
brctl addif br0 em4
brctl addif br0 tap0
brctl setfd br0 0
brctl stp br0 off  
ifconfig br0 up
ifconfig eth0 up 0.0.0.0
ifconfig tap0 up 0.0.0.0
echo 0 > /sys/class/net/br0/bridge/ageing_time
echo 1 > /sys/devices/virtual/net/br0/bridge/nf_call_iptables
iptables -F
iptables -A PREROUTING -t raw -j LOG
poige
  • 9,171
  • 2
  • 24
  • 50
Muhammad Usman
  • 1
  • 1
  • You say you're using interface `em4` but in the commands you've run I don't see that, only `eth0`. Did you also read the answer given in the question you've linked to? – wurtel Jan 30 '19 at 15:49
  • Sorry, I mistakenly had written eth0 instead of em4 which I have updated now. And yes, I have turned on the promiscuous mode of em4 as you can see here: ``[root@snitch ~]# ifconfig em4 em4: flags=4419 mtu 1500`` – Muhammad Usman Jan 31 '19 at 05:29

0 Answers0