[Techtalk] tcpdump and iptables
Subba Rao
subba9 at cablespeed.com
Sat Jun 21 16:32:29 EST 2003
I am using iptables on my system. It is very basic setup that denies all
outside connections. When an outside connection is attempted, the packet is
dropped and logged into the syslog. When I run tcpdump on the same interface,
I do see a lot of ARP requests and bootps/bootpc (UDP) requests. Why are these
attempts not logged into syslog?
Is it because ARP requests are a lower level protocol?
Another question is, when a legitimate packet is allowed and climbing the
TCP/IP stack, who (iptables or tcpdump) gets to see the packet first?
--
Subba Rao
subba9 at cablespeed.com
------------------------------------------------------------------------------
Old American Wild West saying: God created men but Colt made them equal.
Today: Linus created Linux and Linux made IT companies equal.
More information about the Techtalk
mailing list