
Re: Can't get iptables LOG



Ok this was it !

Setting another value in /proc/sys/kernel/printk (and in sysctl.conf for boot time) fixed it.

Thanks a lot !

2008/2/22, Thomas Hospenthal <thospenthal@gmx.net>:
Hello

My Ubuntu Server didn't log either from iptables to syslogd. I
finally got it to work by telling the kernel log daemon (klogd) to
log everything from message level 4 and above. Iptables works in the
kernel and therefore its log messages will be logged in the kernel
log file (see /etc/syslog.conf).

On my Ubuntu, I had to add "-c 4" to the parameter in
/etc/default/klogd. The file itself says that
this method is deprecated and you should use sysctl instead. I will
try that on my new server soon, but until then, this method seems to
work fine.

HTH

Tom

On 22.02.2008 at 11:54, Laurent Raufaste wrote:


> Hi,
>
> I'm trying to get iptables to LOG on a xen virtual machine, but for
> some reason I can't get iptables to log.
>
> Here's what I'm doing:
>
> in /etc/syslog.conf I have:
> *.* /var/log/iptables.log
>
> I restarted syslog:
> # /etc/init.d/sysklogd restart
> Restarting system log daemon: syslogd.
>
> Now I setup the LOG rule:
> iptables -F
> iptables -X
> iptables -v -A INPUT -j LOG
> iptables -P INPUT ACCEPT
> iptables -P OUTPUT ACCEPT
> iptables -P FORWARD ACCEPT
>
> I can't make it simpler I think.
>
> I check if the rules are ok:
> # iptables -nvL
> Chain INPUT (policy ACCEPT 630 packets, 46742 bytes)
>  pkts bytes target     prot opt in     out     source               destination
>    99  7092 LOG        0    --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 4
>
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
>  pkts bytes target     prot opt in     out     source               destination
>
> Chain OUTPUT (policy ACCEPT 436 packets, 65874 bytes)
>  pkts bytes target     prot opt in     out     source               destination
>
> I see that some packets are logged in, but I can't see anything in
> /var/log/iptables.log, or any other log file =(
>
> See:
> cat /var/log/iptables:
> Feb 22 11:51:09 jfg-pgslave2 syslogd 1.4.1#18: restart.
>
> Nothing more, even by generating some traffic.
> I don't see why it does not work (it works on other boxes) and I don't
> see how I can look deeper in order to debug this behavior =(
> I'm using a debian etch.
>
> Thanks for the help !
>
> --
> Laurent Raufaste
> <http://www.glop.org/>
>
>





--
Laurent Raufaste
<http://www.glop.org/>
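
The first two checks made in this thread, as an added example that is not part of any of the messages above: it reads the LOG level out of an `iptables -nvL` rule line and evaluates sysklogd-style selectors to list which `syslog.conf` targets should receive kernel messages at that level. It handles `*`, comma-separated facilities, `none` and `=priority`, but not the `!` modifier; the sample `syslog.conf` lines other than the first are constructed.

```python
import re

# syslog priorities by number; iptables "LOG ... level 4" means "warning"
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
ALIASES = {"panic": "emerg", "error": "err", "warn": "warning"}

def log_levels(iptables_listing):
    """Numeric level of every LOG rule found in `iptables -nvL` output."""
    return [int(n) for n in re.findall(r"\bLOG flags \d+ level (\d+)", iptables_listing)]

def selector_matches(selector, level, facility="kern"):
    """Evaluate one selector field such as '*.info;kern.none' for facility/level."""
    matched = False
    for part in selector.split(";"):
        facs, _, prio = part.strip().rpartition(".")
        names = facs.split(",")
        if facility not in names and "*" not in names:
            continue
        if prio == "none":            # 'none' clears what earlier parts selected
            matched = False
        elif prio == "*":
            matched = True
        else:                         # 'prio' selects that priority and more severe
            name = prio.lstrip("=")
            want = PRIORITIES.index(ALIASES.get(name, name))
            matched = matched or (level == want if prio.startswith("=") else level <= want)
    return matched

def destinations(syslog_conf, level):
    """Targets in syslog.conf that receive kernel messages at `level`."""
    out = []
    for line in syslog_conf.splitlines():
        fields = line.split(None, 1)
        if len(fields) != 2 or fields[0].startswith("#"):
            continue
        if selector_matches(fields[0], level):
            out.append(fields[1].strip().lstrip("-"))  # '-' only disables sync
    return out

# Rule line as shown in the post; syslog.conf lines 2 and 3 are constructed.
LISTING = "   99  7092 LOG  0  --  *  *  0.0.0.0/0  0.0.0.0/0  LOG flags 0 level 4\n"
SYSLOG_CONF = ("*.*                /var/log/iptables.log\n"
               "kern.err           -/var/log/kern-errors.log\n"
               "*.info;kern.none   /var/log/messages\n")

if __name__ == "__main__":
    for lvl in log_levels(LISTING):
        print(f"kern.{PRIORITIES[lvl]} ->", destinations(SYSLOG_CONF, lvl))
```

With the `*.*` line from the post, `kern.warning` is selected for `/var/log/iptables.log`, so the selector was not what kept the file empty.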