iptables & syslog help

To: debian-user@lists.debian.org
Subject: iptables & syslog help
From: Keith Stephen Dunwoody <kstephen@interchange.ubc.ca>
Date: Wed, 07 Jan 2004 19:11:16 -0800 (PST)
Message-id: <[🔎] Pine.GSO.4.21.0401071849400.9912-100000@inch.interchange.ubc.ca>

Hi,

I'm having problems with logging from iptables, and I can't figure out
for the life of me what the problem is...  I'm trying to log some packets
from iptables, but they're showing up on the currently active console as
well as in the syslog (although not on xterms).  No other kernel messages
seem to be showing up on the console, just packet messages.  I'm running
debian unstable, kernel 2.4.23-686-1, sysklog version 1.4.1-13.  The
output of /sbin/iptables -L -n is:

<input output and forward chains removed>

Chain drop-and-log-it (5 references)
target     prot opt source               destination         
LOG        all  --  0.0.0.0/0            0.0.0.0/0           LOG flags 0
level 6 
DROP       all  --  0.0.0.0/0            0.0.0.0/0   

where the drop-and-log-it chain is the only place I do any logging.  My
syslog.conf is at the end of the message -- sorry I can't do attachments
here well.

Any help will be appreciated.

Thanks,

-- Keith

P.S.  Please CC me, as I am not subscribed

# /etc/syslog.conf
# Configuration file for syslogd. 
#                       For more information see syslog.conf(5)
#                       manpage.

#
# First some standard logfiles.  Log by facility.
#

auth,authpriv.*                 /var/log/auth.log
*.*;auth,authpriv.none          -/var/log/syslog
#cron.*                         /var/log/cron.log
daemon.*                        -/var/log/daemon.log
kern.*                          -/var/log/kern.log
lpr.*                           -/var/log/lpr.log
mail.*                          -/var/log/mail.log
user.*                          -/var/log/user.log
uucp.*                          /var/log/uucp.log

#
# Logging for the mail system.  Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info                       -/var/log/mail.info
mail.warn                       -/var/log/mail.warn
mail.err                        /var/log/mail.err

# Logging for INN news system
#
news.crit                       /var/log/news/news.crit
news.err                        /var/log/news/news.err
news.notice                     -/var/log/news/news.notice

#
# Some `catch-all' logfiles.
#
*.=debug;\
        auth,authpriv.none;\
        news,mail.none          -/var/log/debug

*.=info;*.=notice;*.=warn;\
        auth,authpriv.none;\
        cron,daemon.none;\
        mail,news.none          -/var/log/messages

#
# Emergencies are sent to everybody logged in.
#
*.emerg                         *

#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
#       news.=crit;news.=err;news.=notice;\
#       *.=debug;*.=info;\
#       *.=notice;*.=warn       /dev/tty8

# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,
# you must invoke `xconsole' with the `-file' option:
# 
#    $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
#      busy site..
#

Reply to:

Follow-Ups:
- Re: iptables & syslog help
  - From: Stephen Touset <stephen@touset.org>

Prev by Date: Re: nForce 2 and Woody: How can I achieve a network install and what functionality is available without the nVidia drivers?
Next by Date: Re: switching user in X without logging out previous user
Previous by thread: Re: renew SSL key used in apache-ssl
Next by thread: Re: iptables & syslog help
Index(es):
- Date
- Thread