Jeff Coppock wrote on Sat Jul 21, 2001 at 10:59:08PM:
> What does syslog recognize as iptables log messages? I tried
> putting iptable.* in syslog.conf, but I'm not seeing messages.

You need to tell iptables which packages should be logged. For example:

iptables -N log                                   # This table logs and hands package over to "delete"
iptables -N delete                                # This table rejects anything
iptables -A INPUT <RULE> -j log                   # Rule to be logged
iptables -A INPUT <RULE> -j delete                # Rule not to be logged
iptables -A log -j LOG --log-prefix "Rejected: "  # be verbose in syslog
iptables -A log -j delete                         # hand over package to "delete"
iptables -A delete -j REJECT                      # gracefully reject package

It would be bad to have iptables log everything by default --> man DOS

Matth¡as

--
Matthias Richter --+- stud. soz. & inf. -+-- http://www.uni-leipzig.de
--> GPG Public Key: http://www.matthias-richter.de/gpg.ascii <--
· Projekt Deutscher Wortschatz: <URL:http://wortschatz.uni-leipzig.de>
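Added example, not part of the original message: the LOG target writes ordinary kernel messages, so what identifies them in syslog is the "Rejected: " prefix set above rather than an iptables facility. This Python code picks those lines out of a syslog file and tallies them per source and per service. The sample lines, the host name fw, the addresses and the function names are constructed for illustration.

```python
import re
from collections import Counter

PREFIX = "Rejected: "  # the --log-prefix value from the rules above

# Constructed sample lines in the usual kernel LOG-target layout (not real traffic).
SAMPLE = """\
Jul 21 23:10:01 fw kernel: Rejected: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 PROTO=TCP SPT=40000 DPT=23 SYN
Jul 21 23:10:02 fw kernel: Rejected: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 PROTO=TCP SPT=40001 DPT=23 SYN
Jul 21 23:10:05 fw kernel: Rejected: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=78 TTL=110 PROTO=UDP SPT=137 DPT=137
Jul 21 23:10:09 fw kernel: Rejected: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=84 TTL=110 PROTO=ICMP TYPE=8 CODE=0
Jul 21 23:10:11 fw sshd[311]: Connection from 192.0.2.10 says Rejected: SRC=spoofed
Jul 21 23:10:12 fw kernel: Rejected: IN=eth0 OUT= SRC=192.0.2.10 truncated
"""

# Only lines tagged "kernel:" count; an optional "[uptime]" stamp may precede the message.
KERNEL_LINE = re.compile(
    r"^\w{3}\s+\d+ [\d:]{8} (?P<host>\S+) kernel: (?:\[\s*[\d.]+\]\s*)?(?P<msg>.*)$")
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")  # KEY=value pairs; value may be empty (OUT=)

def parse_line(line, prefix=PREFIX):
    """Return the KEY=value fields of one prefixed LOG line, or None if it is not one."""
    m = KERNEL_LINE.match(line)
    if not m or not m.group("msg").startswith(prefix):
        return None  # other daemons or other prefixes: text merely containing the prefix is ignored
    fields = dict(FIELD.findall(m.group("msg")[len(prefix):]))
    if not {"SRC", "DST", "PROTO"} <= fields.keys():
        return None  # truncated or malformed entry
    return fields

def summarize(text, prefix=PREFIX):
    """Count rejected packets per source address and per (protocol, destination port)."""
    per_source, per_service, skipped = Counter(), Counter(), 0
    for line in text.splitlines():
        fields = parse_line(line, prefix)
        if fields is None:
            skipped += 1
            continue
        per_source[fields["SRC"]] += 1
        per_service[(fields["PROTO"], fields.get("DPT", "-"))] += 1  # ICMP has no DPT
    return per_source, per_service, skipped

if __name__ == "__main__":
    sources, services, skipped = summarize(SAMPLE)
    for src, n in sources.most_common():
        print(f"{n:4d}  {src}")
    for (proto, port), n in services.most_common():
        print(f"{n:4d}  {proto}/{port}")
    print(f"skipped {skipped} non-matching lines")
```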