Guillaume wrote:
> Hi,
> I use personalized ipfilters and I want to log dropped packet to a
> dedicated file in /var/log by using syslog.
...>
> #for iptables
> #in a user define chain called for each packet i want to filter
> iptables -A LOG_AND_DROP -m limit --limit 10/minute -j LOG --log-level
> info --log-prefix "[IPTABLES DROP]: "
>
> #my syslog.conf#
... /var/log/auth.log
> *.*;auth,authpriv.none -/var/log/syslog
...
> #eof#
>
> The /var/log/kern.log is not populated too !
I'd suggest checking whether you see your iptables messages in /var/log/syslog.
If not, then maybe your iptables rule isn't getting executed. You might
try putting a rule with -j LOG first on a chain to make sure it's being
executed. Then maybe you can identify whether the problem is in the
logging side (logging from iptables to syslogd and from syslogd to files)
or is in your iptables setup.
Daniel
--
(Plain text sometimes corrupted to HTML "courtesy" of Microsoft Exchange.) [F]