Re: How to drop all INCOMING requests and syslog it ?

To: debian-firewall@lists.debian.org
Subject: Re: How to drop all INCOMING requests and syslog it ?
From: Michelle Konzack <linux4michelle@freenet.de>
Date: Wed, 31 Dec 2003 11:59:07 +0100
Message-id: <[🔎] 20031231105906.GG301@freenet.de>
In-reply-to: <[🔎] 20031231014107.19400.qmail@silvio.root.cl>
References: <[🔎] 20031231014107.19400.qmail@silvio.root.cl>

Hello Juan Carlos, 

Am 2003-12-31 01:41:07, schrieb Juan Carlos Inostroza:
>
>On Tue, 30 Dec 2003 18:01:02 +0100, Michelle Konzack
><linux4michelle@freenet.de> wrote :

>> Q 3:	Is ther a way in iptables to log the Stuff 
>> 	to another File as syslog ? 
>> 	e.g. /var/log/ipt_reject
>
>I guess not.

Found: TARGET ULOG

>But, to log all matching packets, from the iptables man page:
>
>                               This is a "non-terminating target",
>       i.e. rule traversal continues at the next rule.  So if you
>       want to LOG the packets you refuse, use two separate rules
>       with  the  same matching criterias, first using target LOG
>       then DROP (or REJECT).
>
>in plain english (by example, port 445, tcp)
>
>iptables -N port445
>iptables -A port445 -j LOG

This is for logging in syslog...
I have installed the 'ulogd' and if I use the target ULOG I have 
a seperated LOGFILE.

>iptables -A port445 -j DROP
>iptables -P port445 -j DROP
>
>iptables -A INPUT -p tcp --dport 445 -j port445

Now I understand a little bit better, how "-j ..." is working...

>--jci

Greetings
Michelle

-- 
Registered Linux-User #280138 with the Linux Counter, http://counter.li.org.

Reply to:

References:
- Re: How to drop all INCOMING requests and syslog it ?
  - From: "Juan Carlos Inostroza" <jci@tux.cl>

Prev by Date: Re: How to drop all INCOMING requests and syslog it ?
Previous by thread: Re: How to drop all INCOMING requests and syslog it ?
Index(es):
- Date
- Thread