Re: IPTABLES



A long time ago, in a galaxy far, far away, someone said...

> How do I get iptables to log packets that it DROPs?

No way directly.  When I need to log packets I use two nearly identical
iptables statements, like so when I block outgoing NetBIOS packets:

# LOG does not end rule traversal, so each packet goes on to the DROP rule
iptables -A OUTPUT -p tcp --dport 137:139 -j LOG
iptables -A OUTPUT -p tcp --dport 137:139 -j DROP

iptables -A OUTPUT -p udp --dport 137:139 -j LOG
iptables -A OUTPUT -p udp --dport 137:139 -j DROP

-- 
----------------------------------------------------------------------
Phil Brutsche				    pbrutsch@tux.creighton.edu

GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D  7E5E FD94 D264 50DE 1CFC
GPG key id: 50DE1CFC
GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
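
Added example (not part of the original message and not the poster's code): keeping LOG and DROP as two separate rules means the pair can drift apart when one of them is edited. This Python check reads a ruleset in iptables-save format and reports every DROP rule that is not directly preceded, in the same chain, by a LOG rule with an identical match. The sample ruleset and the function names are constructed for illustration; a LOG rule with extra matches (such as a rate limit) counts as non-identical here.

```python
import shlex

# Constructed sample in iptables-save format (not taken from the original post).
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A OUTPUT -p tcp -m tcp --dport 137:139 -j LOG
-A OUTPUT -p tcp -m tcp --dport 137:139 -j DROP
-A OUTPUT -p udp -m udp --dport 137:139 -j LOG --log-prefix "NETBIOS: "
-A OUTPUT -p udp -m udp --dport 137:138 -j DROP
-A INPUT -p tcp -m tcp --dport 23 -j DROP
COMMIT
"""

def parse_rule(line):
    """Split '-A CHAIN <match...> -j TARGET [opts]' into (chain, match, target)."""
    if not line.startswith("-A "):
        return None  # table header, chain policy, COMMIT or comment line
    tokens = shlex.split(line)
    if "-j" not in tokens or tokens.index("-j") + 1 >= len(tokens):
        return None  # rule without a jump target
    j = tokens.index("-j")
    return tokens[1], tuple(tokens[2:j]), tokens[j + 1]

def unlogged_drops(ruleset):
    """Return (chain, match) for each DROP rule that has no identical-match
    LOG rule immediately before it in the same chain."""
    prev = {}      # chain -> (match, target) of the last rule seen in that chain
    missing = []
    for line in ruleset.splitlines():
        rule = parse_rule(line.strip())
        if rule is None:
            continue
        chain, match, target = rule
        if target == "DROP" and prev.get(chain) != (match, "LOG"):
            missing.append((chain, " ".join(match)))
        prev[chain] = (match, target)
    return missing

if __name__ == "__main__":
    for chain, match in unlogged_drops(SAMPLE):
        print(f"{chain}: DROP without matching LOG: {match}")
```
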


