Re: How to work with my iptables script

To: Daniel Pittman <daniel@rimspace.net>
Cc: debian-firewall@lists.debian.org
Subject: Re: How to work with my iptables script
From: Jacob Friis Larsen <jfl@list.idg.dk>
Date: Mon, 30 Aug 2004 12:37:34 +0200
Message-id: <[🔎] 4133036E.7000201@list.idg.dk>
In-reply-to: <[🔎] 87u0urcoet.fsf@enki.rimspace.net>
References: <[🔎] 412C2C07.4020806@list.idg.dk> <[🔎] 87zn4jd5eh.fsf@enki.rimspace.net> <[🔎] 412C6D0E.90209@list.idg.dk> <[🔎] 87u0urcoet.fsf@enki.rimspace.net>

Logging would probably also be useful.


How do I do that?


the 'LOG' or 'ULOG' targets.  'LOG' is easier to use initially, and the
iptables manual page covers it.

It writes messages about packets that match that rule to your kernel
message log, which feeds into syslog.


Could I do it like this:

# Default rules
iptables -P INPUT LOG DROP
iptables -P FORWARD LOG DROP
iptables -P OUTPUT ACCEPT


Thanks,
Jacob

Reply to:

Follow-Ups:
- Re: How to work with my iptables script
  - From: Daniel Pittman <daniel@rimspace.net>

References:
- How to work with my iptables script
  - From: Jacob Friis Larsen <jfl@list.idg.dk>
- Re: How to work with my iptables script
  - From: Daniel Pittman <daniel@rimspace.net>
- Re: How to work with my iptables script
  - From: Jacob Friis Larsen <jfl@list.idg.dk>
- Re: How to work with my iptables script
  - From: Daniel Pittman <daniel@rimspace.net>

Prev by Date: Re: How to work with my iptables script
Next by Date: Re: How to work with my iptables script
Previous by thread: Re: How to work with my iptables script
Next by thread: Re: How to work with my iptables script
Index(es):
- Date
- Thread