How to Enable IPtables TRACE Target on Debian Squeeze (6)
Seems like (i.e. works for me) with new kernel this is needed (for IPv4):
modprobe nf_log_ipv4 sysctl net.netfilter.nf_log.2=nf_log_ipv4
- upvoting other answers as they gave me important hints
That fixed it for me.
I found that I needed to perform both of the previous answers, in this order:
sudo modprobe ipt_LOG sudo sysctl net.netfilter.nf_log.2=ipt_LOG
Here are a couple of things that I discovered along the way.
You can get a list of valid loggers (along with the currently selected logger) with the following:
The numbers here represent the protocol family numbers, as defined in
/usr/include/bits/socket.h. 2 is
AF_INET (that's IPv4), and 10 is
This worked for me
sudo sysctl net.netfilter.nf_log.2=ipt_LOG