iptables TRACE and journalctl

edit

hi!

I am trying to debug iptables firewall rules on Fedora 25 cloud edition.

Latest fedoras come with journalctl as opposed to the more traditional rsyslogd.

I have added the rule to trace packets:

iptables -t raw -A OUTPUT -p tcp --dport 80 -j TRACE

I have also see:

*cat /proc/net/netfilter/nflog
*2 nfnetlinklog (nflogipv4,nfnetlink_log)

Relevant kernel modules seem to be loaded: nfnetlinklog, nflogipv4, nflog_common

I can also see that kernel packages are been logged via journalctl -k -f

Yet there is no way to get the packet traces.

any idea what I could be missing?