[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Creating a logfile for Netfilter

mdevin@ozemail.com.au wrote:

> Here is an alternative approach which I took.  I think it is a little
> easier.
> If you create a user defined chain something like the following:
> iptables -N log_droped
> iptables -A log_droped -j LOG --log-level 1 --log-prefix "droped_::"
> iptables -A log_droped -j DROP
> And make all your firewall rules that need to be dropped -j (jump) to
> this chain then they will be logged at log-level 1 (Alert).
> Then, if you edit /etc/syslog.conf and append the following line:
> kern.=alert                     -/var/log/firewall.log
> (Nb. line up with tabs)
> Then syslog will log all logs at level alert to the separate file.  Not
> much else gets logged at level alert so it should be OK and not upset
> other logging.
> Thus, the firewall will log to /var/log/firewall.log - just create this
> file with touch.
> Hth.
> Mark.

Thanks for the good advice man, I re-wrote the core of my firewall last night.
Using your advice I was able to seperate distinctive services into their own
chain, filter the datagrams, and then jump all all wanted datagrams into the

Now my script is a hell of a lot easier to follow and my logs are nice and neat.

Sorry about the late reply,


Reply to: