26 Aug
2012
26 Aug
'12
6:08 p.m.
On Sun, Aug 26, 2012 at 10:11 AM, Juan Diego Tascón <juantascon@gmail.com>wrote:
Is there any way to debug iptables, Juan,
Another good way to debug IPTables (if you can limit the traffic to the box to just what you are troubleshooting) use the command : sudo iptables -Z && sudo watch -n .5 iptables -nvL ^zeros the counters for iptables this will serve to show packet counters next to all your rules. Then you can send the traffic you are troubleshooting and see which rule it is matching. From a different window or screen you can add/drop rules and watch the counters in real time. That has always helped me in tough IPtables setups since it's a little more realtime/less info than logging. -pete