iptables loggin problem
Hello,
I have the following rules for my forward chain:
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere schamper.ugent.be tcp dpt:netbios-ssn
DROP tcp -- anywhere anywhere tcp dpt:135
DROP udp -- anywhere anywhere udp dpt:135
DROP tcp -- anywhere anywhere tcp dpt:netbios-ssn
DROP udp -- anywhere anywhere udp dpt:netbios-ssn
DROP tcp -- anywhere anywhere tcp dpt:445
DROP udp -- anywhere anywhere udp dpt:445
DROP tcp -- anywhere anywhere tcp dpt:593
DROP udp -- anywhere anywhere udp dpt:593
DROP tcp -- 10.0.0.0/24 anywhere tcp dpts:ircd:6668
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state NEW
LOG all -- anywhere anywhere LOG level debug prefix `IPT FORWARD packet died: '
Now, I tried to connect to an irc server from behind the firewall and
that didn't work. Like it should. Now I should expect that I would
see something about the in the syslog file. Nope didn't see anything.
I would like to see a logging from all dropped packets. How can I
achieve this? Thanks in advance,
--
Rudy Gevaert rudy@zeus.UGent.be
Web page http://www.webworm.org
GNU/Linux user and Savannah hacker http://savannah.gnu.org
Whenever I climb I am followed by a dog called 'Ego'.
- Friedrich Nietzsche (1844-1900)
Reply to: