
Re: help - log iptables



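Example:

# create the chain first, so the jump from INPUT has a target
iptables -N allow
iptables -A allow -p tcp -m multiport --dports http,https,domain -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
# DNS over UDP (port 53, as in the question); the rule needs a target to accept anything
iptables -A allow -p udp --dport 53 -j ACCEPT

# packets not accepted in "allow" return to INPUT and reach the LOG rule
iptables -A INPUT -j allow
iptables -A INPUT -j LOG --log-prefix="Dropped :"

# the default policy then drops whatever was logged
iptables -P INPUT DROP


You can see the log via dmesg or syslog.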


On 04/01/2011 04:06 PM, Bjoern Meier wrote:
hi,

2011/4/1 Flavio A. Reis <reis.falexandre@gmail.com>:
Hello,
Friends, can you log everything that iptables is blocking without logging
the ACCEPT rules?
Example:
My firewall has only these ports open (80, 443, 53).
Can you log all other connection attempts?
Thanks,
Regards
Sure.
- Set the default policy for INPUT to DROP
- Create a rule to ACCEPT 80,443,53
- Append a logging rule (if the packets end up here, they will be dropped);
maybe with the prefix "DROP:"
- Change the logrotate rules (you will get a lot of log entries).

Greetings,
Björn
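
Reading the result back out of the log, as an added example that is not part of the original thread: a shell function that counts the entries written by the LOG rule with the "Dropped :" prefix, grouped by source address, protocol and destination port. The log lines, addresses and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise packets logged by the rule
#   iptables -A INPUT -j LOG --log-prefix="Dropped :"
PREFIX='Dropped :'

# Constructed, trimmed kernel log lines (documentation addresses), not real traffic.
sample_log() {
cat <<'EOF'
Apr  1 16:10:01 fw kernel: [  101.000001] Dropped :IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 ID=4242 DF PROTO=TCP SPT=51234 DPT=22 WINDOW=14600 RES=0x00 SYN URGP=0
Apr  1 16:10:02 fw kernel: [  102.000001] Dropped :IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 ID=4243 DF PROTO=TCP SPT=51235 DPT=22 WINDOW=14600 RES=0x00 SYN URGP=0
Apr  1 16:10:05 fw kernel: [  105.000001] Dropped :IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=68 TTL=49 ID=0 DF PROTO=UDP SPT=40000 DPT=161 LEN=48
Apr  1 16:10:09 fw kernel: [  109.000001] Dropped :IN=eth0 OUT= SRC=198.51.100.9 DST=192.0.2.10 LEN=84 TTL=55 ID=7 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
Apr  1 16:10:11 fw kernel: [  111.000001] eth0: link up
EOF
}

# Reads log lines on stdin, prints "count src proto dport", busiest first.
summarize_drops() {
    awk -v prefix="$PREFIX" '
        index($0, prefix) == 0 { next }   # skip lines without the LOG prefix
        {
            src = "-"; proto = "-"; dpt = "-"   # ICMP entries carry no DPT=
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/)        src   = substr($i, 5)
                else if ($i ~ /^PROTO=/) proto = substr($i, 7)
                else if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
            }
            count[src " " proto " " dpt]++
        }
        END { for (k in count) print count[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

sample_log | summarize_drops
```

On a live host, pipe dmesg output or the syslog file that receives kernel messages into summarize_drops instead of sample_log.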



