FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian ISP
Reload this Page iptables MAC addresses

 
 
LinkBack Thread Tools
 
Old 08-25-2008, 07:46 PM
"Jim Popovitch"
 
Default iptables MAC addresses
Hi,

I'm using iptables -j LOG to log blocked/throttled connections. These
log entries contain the source and destination MAC addresses... which
will always be the MAC addrs of the single apache box and it's
upstream switch. ;-) Is there any way to tell iptables to *not* log
MAC addresses?

Thanks,

-Jim P.


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-25-2008, 08:02 PM
"Stefano Cislaghi"
 
Default iptables MAC addresses
2008/8/25 Jim Popovitch <yahoo@jimpop.com>:
> Hi,
>
> I'm using iptables -j LOG to log blocked/throttled connections. These
> log entries contain the source and destination MAC addresses... which
> will always be the MAC addrs of the single apache box and it's
> upstream switch. ;-) Is there any way to tell iptables to *not* log
> MAC addresses?

You should use argv:

--mac-source !address

Bye,
Stefano

--
http://www.stefanocislaghi.it/


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-25-2008, 08:50 PM
"Jim Popovitch"
 
Default iptables MAC addresses
On Mon, Aug 25, 2008 at 4:02 PM, Stefano Cislaghi <s.cislaghi@gmail.com> wrote:
> 2008/8/25 Jim Popovitch <yahoo@jimpop.com>:
>> Hi,
>>
>> I'm using iptables -j LOG to log blocked/throttled connections. These
>> log entries contain the source and destination MAC addresses... which
>> will always be the MAC addrs of the single apache box and it's
>> upstream switch. ;-) Is there any way to tell iptables to *not* log
>> MAC addresses?
>
> You should use argv:
>
> --mac-source !address

:-) Perhaps I wasn't clear enough. I do want the log entries... I
just don't want the log entries to contain the MAC addresses (which
are useless to me because they are the same regardless of where the IP
traffic. The host has 1 interface attached to an upstream Foundry,
so the MACs will always be the same.

-Jim P.


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-25-2008, 09:47 PM
"Ing. Otto Marroquin"
 
Default iptables MAC addresses
Jim Popovitch wrote:

On Mon, Aug 25, 2008 at 4:02 PM, Stefano Cislaghi <s.cislaghi@gmail.com> wrote:


2008/8/25 Jim Popovitch <yahoo@jimpop.com>:


Hi,

I'm using iptables -j LOG to log blocked/throttled connections. These
log entries contain the source and destination MAC addresses... which
will always be the MAC addrs of the single apache box and it's
upstream switch. ;-) Is there any way to tell iptables to *not* log
MAC addresses?


You should use argv:

--mac-source !address



:-) Perhaps I wasn't clear enough. I do want the log entries... I
just don't want the log entries to contain the MAC addresses (which
are useless to me because they are the same regardless of where the IP
traffic. The host has 1 interface attached to an upstream Foundry,
so the MACs will always be the same.

-Jim P.



I dont see how to do it with iptables without postprocessing or changing
the source code...

because you don't need all the output from iptables..

Sorry for replying to this thread with another topic; I didn't realize it.
 
Old 08-25-2008, 10:06 PM
Michael Loftis
 
Default iptables MAC addresses
--On August 25, 2008 4:50:17 PM -0400 Jim Popovitch <yahoo@jimpop.com>
wrote:




:-) Perhaps I wasn't clear enough. I do want the log entries... I
just don't want the log entries to contain the MAC addresses (which
are useless to me because they are the same regardless of where the IP
traffic. The host has 1 interface attached to an upstream Foundry,
so the MACs will always be the same.


Take a look at ulogd. ipt_LOG doesn't support any modification of logging
format.




-Jim P.


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org







--
Michael Loftis
Modwest Operations Manager
Powerful, Affordable Web Hosting


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-25-2008, 11:32 PM
"Jim Popovitch"
 
Default iptables MAC addresses
On Mon, Aug 25, 2008 at 6:06 PM, Michael Loftis <mloftis@modwest.com> wrote:
> Take a look at ulogd.

Will do. Thanks!

-Jim P.


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 08-26-2008, 12:53 AM
Phil Dyer
 
Default iptables MAC addresses
Jim Popovitch wrote:



:-) Perhaps I wasn't clear enough. I do want the log entries... I
just don't want the log entries to contain the MAC addresses (which
are useless to me because they are the same regardless of where the IP
traffic. The host has 1 interface attached to an upstream Foundry,
so the MACs will always be the same.


sed and awk may be your true friends here.


-Jim P.


phil


--
To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 09:07 AM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org

Contact Us - Linux Archive - Archive - Top -