
iptables logging problem



Hello,

I have the following rules for my forward chain:


Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             schamper.ugent.be  tcp dpt:netbios-ssn
DROP       tcp  --  anywhere             anywhere           tcp dpt:135
DROP       udp  --  anywhere             anywhere           udp dpt:135
DROP       tcp  --  anywhere             anywhere           tcp dpt:netbios-ssn
DROP       udp  --  anywhere             anywhere           udp dpt:netbios-ssn
DROP       tcp  --  anywhere             anywhere           tcp dpt:445
DROP       udp  --  anywhere             anywhere           udp dpt:445
DROP       tcp  --  anywhere             anywhere           tcp dpt:593
DROP       udp  --  anywhere             anywhere           udp dpt:593
DROP       tcp  --  10.0.0.0/24          anywhere           tcp dpts:ircd:6668
ACCEPT     all  --  anywhere             anywhere           state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere           state NEW
LOG        all  --  anywhere             anywhere           LOG level debug prefix `IPT FORWARD packet died: '

Now, I tried to connect to an irc server from behind the firewall and
that didn't work.  Like it should.  Now I should expect that I would
see something about this in the syslog file.  Nope, didn't see anything.

I would like to see logging for all dropped packets.  How can I
achieve this?  Thanks in advance,


-- 
Rudy Gevaert                rudy@zeus.UGent.be
Web page                    http://www.webworm.org
GNU/Linux user and Savannah hacker http://savannah.gnu.org
Whenever I climb I am followed by a dog called 'Ego'.
-  Friedrich Nietzsche (1844-1900)
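
Added example, not part of the original message: in the listing above every DROP rule sits before the LOG rule, and DROP ends traversal of the chain, so a dropped packet never reaches LOG. This sketch prints iptables commands that send those drops through a user-defined chain that logs first. The chain name LOGDROP, the rate limit, and the numeric ports 139 and 6667 (the usual /etc/services values for netbios-ssn and ircd) are assumptions.

```shell
#!/bin/sh
# Commands are printed, not executed; review them, then pipe to `sh` as root.
# The ACCEPT rules from the listing stay where they are and are not emitted here.

# LOG does not end traversal, DROP does: LOG followed by DROP in one chain
# records the packet and then discards it.
# $1 = chain name (assumed: LOGDROP), $2 = log prefix (taken from the listing)
emit_logdrop_chain() {
    chain=$1
    prefix=$2
    echo "iptables -N $chain"
    # The rate limit (an assumption) keeps a port scan from flooding syslog.
    # Level debug is logged at kernel debug priority, so syslog must be
    # configured to record kern.debug for the entries to show up in a file.
    echo "iptables -A $chain -m limit --limit 5/second -j LOG --log-level debug --log-prefix \"$prefix\""
    echo "iptables -A $chain -j DROP"
}

# One FORWARD rule that jumps to the logging chain instead of plain DROP.
# $1 = chain, $2 = protocol, $3 = destination port or range, $4 = optional source
emit_drop_rule() {
    chain=$1
    proto=$2
    dport=$3
    src=${4:-}
    rule="iptables -A FORWARD -p $proto"
    if [ -n "$src" ]; then
        rule="$rule -s $src"
    fi
    echo "$rule --dport $dport -j $chain"
}

# The DROP rules of the listing, rewritten to log before dropping.
emit_ruleset() {
    emit_logdrop_chain LOGDROP "IPT FORWARD packet died: "
    for port in 135 139 445 593; do
        for proto in tcp udp; do
            emit_drop_rule LOGDROP "$proto" "$port"
        done
    done
    emit_drop_rule LOGDROP tcp 6667:6668 10.0.0.0/24
}

emit_ruleset
```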


