[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Can't get iptables LOG

Hi,

I'm trying to get iptables to LOG on a xen virtual machine, but for
some reason I can't get iptables to log.

Here's what I'm doing:

in /etc/syslog.conf I have:
*.* /var/log/iptables.log

I restarted syslog:
# /etc/init.d/sysklogd restart
Restarting system log daemon: syslogd.

Now I setup the LOG rule:
iptables -F
iptables -X
iptables -v -A INPUT -j LOG
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

I can't make it simplier I think.

I check if the rules are ok:
# iptables -nvL
Chain INPUT (policy ACCEPT 630 packets, 46742 bytes)
 pkts bytes target     prot opt in     out     source
destination
   99  7092 LOG        0    --  *      *       0.0.0.0/0
0.0.0.0/0           LOG flags 0 level 4

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination

Chain OUTPUT (policy ACCEPT 436 packets, 65874 bytes)
 pkts bytes target     prot opt in     out     source
destination

I see that some packets are logged in, but I can't see anything in
/var/log/iptables.log, or any other log file =(

See:
cat /var/log/iptables:
Feb 22 11:51:09 jfg-pgslave2 syslogd 1.4.1#18: restart.

Nothing more, even by generating some traffic.
I don't see why it does not work (it works on other boxes) and I don't
see how I can look deeper in order to debug this behavior =(
I'm using a debian etch.

Thanks for the help !

-- 
Laurent Raufaste
<http://www.glop.org/>
Reply to: