Requirements

modprobe ipt_LOG
sysctl net.netfilter.nf_log.2 = ipt_LOG
sudoers rules
- USER ALL=(root) NOPASSWD: /sbin/iptables-save ""
- USER ALL=(root) NOPASSWD: /sbin/iptables -t raw -F *
- USER ALL=(root) NOPASSWD: /sbin/iptables -t raw -A * -j TRACE
- USER ALL=(root) NOPASSWD: /sbin/sysctl net.netfilter.nf_log.2=ipt_LOG
Where USER is unix user running ajax.php script (eg. www-data for apache)
backend component:
- webserver
  - you need a php-enabled webserver to run ajax.php, or
  - use php 5.4 embeded webserver by invoking this command in folder where you unpacked files:
    sudo -u USER php -S localhost:8080 -t .
- configure $logfile in ajax.php to point to file iptables is logging in (eg. /var/log/kern.log)
read access to $logfile for USER (eg. chmod +r $logfile)
frontend component:
- point AJAXURL variable to the right URL in JS code
- jquery.js
- jquery-ui.js
do not modify firewall while tracing

Usage

Specity filter options in Filter box or leave empty to trace all packets.
Pay attention to limit parameter, too high limit may lead to high load on target system!
Press "TRACE!" to start tracing and "Stop" to finish it.
The programm polls server every 1.5 sec for new trace results, you can press "Refresh" to poll them manually.
Messages box: status and error messages from server
During trace packet IDs will appear in Packets box. Click on a packet ID to display steps in Trace box, which packet met in its way through the firewall.
Firewall box: iptables-save output hilighting rules with which the selected packet met.