
Re: iptables logging



On Sun, Jul 22, 2001 at 08:18:34AM +0200, Matthias Richter wrote:
 
> You need to tell iptables which packages should be logged. For example:
> 
> iptables -N log # This table logs and hands package over to "delete"
> iptables -N delete # This table rejects anything
> 
> iptables -A INPUT <RULE> -j log # Rule to be logged
> iptables -A INPUT <RULE> -j delete # Rule not to be logged
> 
> iptables -A log -j LOG --log-prefix "Rejected: " # be verbose in syslog
> iptables -A log -j delete # hand over package to "delete"
> 
> iptables -A delete -j REJECT # gracefully reject package
> 
> It would be bad to have iptables log everything by default --> man DOS

No, not really: you can use the limit module and define the maximum
rate at which you choose to LOG matching entries.

-- 
	++ytti
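
The rate limiting described in the reply above, as an added example that is not part of the original thread: a Python model of the `limit` match as a token bucket, counting how many packets of a constructed flood would reach a rule such as `iptables -A log -m limit --limit 5/minute --limit-burst 10 -j LOG --log-prefix "Rejected: "`. The token-bucket model, the function names and the traffic figures are assumptions for illustration.

```python
from fractions import Fraction

# Time units accepted after the slash in --limit (prefixes such as "min" also work).
UNITS = {"second": 1, "minute": 60, "hour": 3600, "day": 86400}


def parse_limit(spec):
    """Convert an iptables --limit value such as '5/minute' to packets per second."""
    count, _, unit = spec.lower().partition("/")
    unit = unit or "second"  # a bare number means per second
    for name, seconds in UNITS.items():
        if name.startswith(unit):
            return Fraction(int(count), seconds)
    raise ValueError(f"unknown time unit in {spec!r}")


def logged_packets(arrivals, limit="3/hour", burst=5):
    """Count the packets that would reach -j LOG behind `-m limit`.

    Model (assumption): a token bucket that starts with `burst` tokens,
    refills at `limit`, never holds more than `burst`, and spends one token
    per matching packet. The defaults mirror the match's documented ones.
    """
    rate = parse_limit(limit)
    tokens, last, logged = Fraction(burst), None, 0
    for t in arrivals:
        if last is not None:
            tokens = min(Fraction(burst), tokens + (t - last) * rate)
        last = t
        if tokens >= 1:  # enough credit: the packet matches and is logged
            tokens -= 1
            logged += 1
    return logged


def flood(pps, seconds):
    """Constructed sample traffic: evenly spaced arrival times at `pps` packets/s."""
    return [Fraction(i, pps) for i in range(pps * seconds)]


if __name__ == "__main__":
    attack = flood(1000, 60)  # 60,000 packets in one minute
    print("LOG without limit:", len(attack), "syslog lines")
    print("--limit 5/minute --limit-burst 10:",
          logged_packets(attack, "5/minute", 10), "syslog lines")
```

The burst is spent in the first few packets, after which the log grows only at the configured rate, however fast the matching traffic arrives.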


