
Re: How to drop all INCOMING requests and syslog it ?



On Tue, 30 Dec 2003 18:01:02 +0100, Michelle Konzack
<linux4michelle@freenet.de> wrote :

> Hello, 
> Q 2:	How can I log all incoming requests ?
> 	specially 445, 135, 137, 1434, telnet, smtp, 
> 	emule, kazza, ...

iptables -A INPUT -i <ethX> -p (tcp|udp) --dport <port> -j DROP

> 
> Q 3:	Is there a way in iptables to log the stuff 
> 	to another file than syslog ? 
> 	e.g. /var/log/ipt_reject

I guess not.

But, to log all matching packets, from the iptables man page:

       This is a "non-terminating target", i.e. rule traversal
       continues at the next rule.  So if you want to LOG the
       packets you refuse, use two separate rules with the same
       matching criterias, first using target LOG then DROP (or
       REJECT).

in plain English (by example, port 445, tcp)

iptables -N port445
iptables -A port445 -j LOG    # LOG is non-terminating, so traversal goes on
iptables -A port445 -j DROP   # and the DROP in the next rule still applies
# (no "iptables -P port445": -P only sets the policy of a built-in chain and
#  takes no -j; a user-defined chain ends with its last rule, the DROP above)

iptables -A INPUT -p tcp --dport 445 -j port445

--jci
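The same LOG-then-DROP chain pattern, as an added example script that is not part of jci's reply, built for the whole list of ports from the question. It assumes a dry-run switch `IPT=echo` (prints the rules instead of applying them) and uses the standard `--log-prefix`, `--log-level` and `limit` options so the log lines carry a tag to filter on and cannot flood syslog.

```sh
#!/bin/sh
# Added example: one LOG-then-DROP chain per protocol/port, modelled on the
# port445 chain above.  IPT is the command run for each rule; IPT=echo only
# prints the rules so the script can be checked without touching the firewall.
IPT="${IPT:-iptables}"

# logdrop_chain PROTO PORT
# Creates chain logdrop_<proto><port>: LOG (rate-limited, prefixed), then DROP,
# and hooks it into INPUT for that protocol and destination port.
logdrop_chain() {
    proto="$1"; port="$2"
    chain="logdrop_${proto}${port}"
    $IPT -N "$chain"
    # LOG is non-terminating, so it must come before the DROP.  The limit
    # match keeps a burst of hits from filling syslog; the prefix gives
    # syslog filters (or grep) a fixed string to pull these lines out with.
    $IPT -A "$chain" -m limit --limit 5/min --limit-burst 10 \
        -j LOG --log-prefix "IPT_DROP_${proto}${port}: " --log-level 4
    $IPT -A "$chain" -j DROP
    $IPT -A INPUT -p "$proto" --dport "$port" -j "$chain"
}

# Constructed list for this example, as "proto:port" pairs: the ports named
# in the question plus telnet (23) and smtp (25); 1434 is done for both.
PORTS="tcp:445 tcp:135 udp:137 tcp:1434 udp:1434 tcp:23 tcp:25"

# apply_all: build every chain in PORTS, returning the number of chains made.
apply_all() {
    n=0
    for entry in $PORTS; do
        logdrop_chain "${entry%%:*}" "${entry#*:}" >/dev/null
        n=$((n + 1))
    done
    return "$n"
}

# Only act when explicitly asked, e.g.:  IPT=echo sh logdrop.sh apply
case "${1:-}" in
    apply) apply_all; echo "chains created: $?" ;;
esac
```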
