2 #Simple script that sets up some chains in mangle table to do global logging of all
3 #traffic going in and out of an interface
4 #Could also use the regular input/output tree but this also catches the forwarded nat traffic
6 IT="iptables -t mangle"
8 #First clear the old stuff
14 $IT -D PREROUTING -i eth0 -j incoming
15 $IT -D POSTROUTING -o eth0 -j outgoing
17 #should add some arg == stop exit here...
19 $IT -A PREROUTING -i eth0 -j incoming
20 $IT -A POSTROUTING -o eth0 -j outgoing
22 $IT -A incoming -p tcp -m comment --comment "tcp"
23 $IT -A incoming -p udp -m comment --comment "udp"
24 $IT -A incoming -p icmp -m comment --comment "icmp"
26 $IT -A outgoing -p tcp -m comment --comment "tcp"
27 $IT -A outgoing -p udp -m comment --comment "udp"
28 $IT -A outgoing -p icmp -m comment --comment "icmp"