Re: Logging

To: debian-firewall@lists.debian.org
Subject: Re: Logging
From: Eric MacAdie <ekm@MacAdie.net>
Date: Sat, 8 Nov 2003 18:53:46 -0500 (EST)
Message-id: <[🔎] Pine.BSF.4.44.0311081850540.59658-100000@itonami.pair.com>
In-reply-to: <[🔎] 4783.193.81.246.12.1068099664.squirrel@and.xor.at>

On Thu, 6 Nov 2003, Johannes Resch wrote:
> James MS Anderson said:
> >
> > I'm sure this question's been asked loads of times, but I'm trying to
> > work out if there's anyway to get *JUST* the firewall logs into any one
> > file, rather than all the kernel logs and the firewall logs?
>
> take a look at ulogd (http://gnumonks.org/projects/ulogd).
>
> --jr

If I want to log everything that gets dropped, do I have to make two
rules? Or can I make just one?

Would I have to use:
$IPT -A INPUT -p 6 -s 0/0 -d 0/0 --dport 35186 -j DROP
$IPT -A INPUT -p 6 -s 0/0 -d 0/0 --dport 35186 -j ULOG

Or could I just use:
$IPT -A INPUT -p 6 -s 0/0 -d 0/0 --dport 35186 -j DROP -j ULOG

The documentation at gnumonks is not very good.

EKMacAdie

Reply to:

Follow-Ups:
- Re: Logging
  - From: "daniel" <daniel@debian-gnu.com>

References:
- Re: Logging
  - From: "Johannes Resch" <jr@xor.at>

Prev by Date: cutter -- ip conneciton cutter
Next by Date: Problems with iptables ECN target
Previous by thread: Re: Logging
Next by thread: Re: Logging
Index(es):
- Date
- Thread