What's new

Why my iptables LOG rule doesn't get applied for local traffic?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Patryk

New Around Here
I have the following rule to log traffic (for wake on LAN purposes)

Code:
iptables -I FORWARD -d 192.168.1.X -p tcp --dport 7000:8332 -m state --state NEW -j LOG --log-prefix "[2WAKE] XX:XX:XX:XX:XX:XX"

which does work for traffic from WAN that gets to my local network (through opened ports) but doesn't work for local only traffic.

Why is that? I've tried with `INPUT` chain as well but I've got the same results.

Is that because the traffic goes through internal switch and we cannot control this with `iptables`?
 
All local traffic is bridged, not routed, and therefore the router's IP firewall doesn't get involved in local traffic. All local devices communicate directly with one another over ethernet via the switch. That's why if you didn't even have a router, but only a switch, all local devices could still communicate w/ each other.
 
That's what I thought. Any chance to see/touch/manipulate local traffic on Asus RT-AC routers?
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top