I am trying to log iptables actions so I can trouble shoot why a FORWARD rule isn't working and I need to run this command:
echo ipt_LOG >/proc/sys/net/netfilter/nf_log/2
this is after loading the logging module "sudo modprobe ipt_LOG" and I keep getting this error even when I have switch to root (sudo -i) and am in the location of the said file '2':
root@george-jendoc-node:/proc/sys/net/netfilter/nf_log# echo "ipt_LOG" > 2
-bash: echo: write error: No such file or directory
I did a stat 2 and I got:
File: 2
Size: 0 Blocks: 0 IO Block: 1024 regular empty file
Device: 4h/4d Inode: 185636 Links: 1
Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-05-12 12:27:05.420721533 +0000
Modify: 2020-05-12 12:33:44.449767903 +0000
Change: 2020-05-12 12:33:44.449767903 +0000
Birth: -
I clearly see the file in question but why am I getting the 'no such file or directory' error and how do I write to that file?
UPDATE:
cat 2 shows NONE and echo ipt_LOG shows 'ipt_LOG'.
I also ran into this issue when following these guides:
https://backreference.org/2010/06/11/iptables-debugging/
https://www.opsist.com/blog/2015/08/11/how-do-i-see-what-iptables-is-doing.html
After some digging around it seems at least in CentOS 7 the correct commands are
modprobe nf_log_ipv4andsysctl net.netfilter.nf_log.2=nf_log_ipv4. Not sure whether the information in those guides is outdated or if it's a Redhat vs Debian sort of thing, but this guide helped in my case:https://www.opensourcerers.org/2016/05/27/how-to-trace-iptables-in-rhel7-centos7/