Re: How to drop all INCOMING requests and syslog it ?

To: debian-firewall@lists.debian.org
Subject: Re: How to drop all INCOMING requests and syslog it ?
From: "Juan Carlos Inostroza" <jci@tux.cl>
Date: 31 Dec 2003 01:41:07 -0000
Message-id: <[🔎] 20031231014107.19400.qmail@silvio.root.cl>
In-reply-to: <>
References: <>

On Tue, 30 Dec 2003 18:01:02 +0100, Michelle Konzack
<linux4michelle@freenet.de> wrote :

> Hello, 
> Q 2:	How can I log all incoming requests ?
> 	specialy 445, 135, 137, 1434, telnet, smtp, 
> 	emule, kazza, ...

iptables -A INPUT -i <ethX> -p (tcp|udp) --dport <port> -j DROP

> 
> Q 3:	Is ther a way in iptables to log the Stuff 
> 	to another File as syslog ? 
> 	e.g. /var/log/ipt_reject

I guess not.

But, to log all matching packets, from the iptables man page:

                               This is a "non-terminating target",
       i.e. rule traversal continues at the next rule.  So if you
       want to LOG the packets you refuse, use two separate rules
       with  the  same matching criterias, first using target LOG
       then DROP (or REJECT).

in plain english (by example, port 445, tcp)

iptables -N port445
iptables -A port445 -j LOG
iptables -A port445 -j DROP
iptables -P port445 -j DROP

iptables -A INPUT -p tcp --dport 445 -j port445

--jci

Reply to:

Follow-Ups:
- Re: How to drop all INCOMING requests and syslog it ?
  - From: Michelle Konzack <linux4michelle@freenet.de>

Prev by Date: Re: [OT] USB-Card for ISA (was: Re: iptables, ipmasquerade, firewall and webadministration)
Next by Date: Re: How to drop all INCOMING requests and syslog it ?
Previous by thread: Re: How to drop all INCOMING requests and syslog it ?
Next by thread: Re: How to drop all INCOMING requests and syslog it ?
Index(es):
- Date
- Thread