I can’t think of a direct solution, but I can think of a round about way of tracking a packet.
- Log each rule with a log prefix directive (–log-prefix “Rule 34”)
- Generate a test packet or packet stream with scapy and set the TOS field to something unique
- grep the log file output for that TOS setting and see which rules logged it.
Related Contents:
- Maximum length of the textual representation of an IPv6 address?
- What is the difference between 0.0.0.0, 127.0.0.1 and localhost?
- What’s the difference between IP address 0.0.0.0 and 127.0.0.1?
- What is the difference between unicast, anycast, broadcast and multicast traffic?
- Block range of IP Addresses
- Why would you use IPv6 internally?
- What does [::] mean as an ip address? Bracket colon colon bracket
- Why is tampering with the TTL of IP dangerous?
- Why does typing an IP address instead of the corresponding domain name not show the website? [closed]
- Why do we ping the IP 4.2.2.2 to test connectivity?
- Force local IP traffic to an external interface
- Debugging rules in Iptables [duplicate]
- Can a single network card have 2 IP addresses?
- Is it valid to have part of an IPv4 address set to zero?
- Is 0.1.2.3 a valid IP address?
- Why does this URL with excessive preceding dots resolve to an IP address?
- Can the IP address for an HTTP request be spoofed?
- What does ::1 mean?
- Is there an “official” name to the 0.0.0.0 IP address?
- How can I get the IP address of a remote desktop client? And how can I trigger a shell command upon RDP connect?
- Why Are There Only 65,535 Ports, and Will We Ever Have More? [closed]
- Pinging an IP address responds with different IP
- OpenVPN: How to mitigate path MTU issues on a per-client basis?
- What is the difference between 0.0.0.0/0 and 0.0.0.0/1?
- What does my ISP mean when they say they will provide “4 static IPs out of which 2 are usable”? [duplicate]
- Apache 2.4 restrict URL to certain IPs
- Who (What?!) is “http://1.1.1.1/bmi”? [closed]
- Deny IP address on AWS ELB
- Grepping for CIDR ranges
- How to access a subdomain of an IP address?
- How to Deny all IPs except one in Filezilla Server?
- Redirect request to an external IP to localhost (emulate a server)
- How to generate a Self Signed SSL Certificate bound to IP address? [duplicate]
- Windows Firewall rule based on domain name instead of IP
- What happens when ARP Request comes from a different subnet?
- Can I use nmap to discover IPs and mac addresses?
- How to get the Country according to a certain IP? [duplicate]
- What is private bytes, virtual bytes, working set?
- What is the best practice of docker + ufw under Ubuntu
- How to go to the previous line in GDB?
- Accessing the DNAT’ted webserver from inside the LAN
- “Waiting for debugger to attach” showing even when not running in debug mode
- How can I inspect element in chrome when right click is disabled?
- Safari Developer Tools: How to Preserve Console Log Upon Navigation?
- Memory dump formatted like xxd from gdb
- How do I find the name of the calling function?
- Debug Target Is Missing?
- iOS app testing. App installation failed. No code signature found [closed]
- Getting debugger context in C# interactive
- Get a user’s current location