LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 06-25-2004, 09:21 AM   #1
schatoor
Senior Member
 
Registered: Jul 2002
Location: a tiny place caled hendrik ido ambacht in the netherlands
Distribution: SuSE, debian, slackware, lfs
Posts: 1,358

Rep: Reputation: 45
outputting firewall messages to a file instead if stdout


Hi, I just setuped my firewall. Installed iptables, recompiled my kernel and build additional modules... you know the workes. The good news is the firewall actually workes, but it outputs messages directly to my console fludding it and thus rendering it effectivelly useless. Not good!!!
Here is the script I use to get my firewall up and running on every boot:

Code:
 #!/bin/sh

# Begin $rc_base/init.d/firewall


case "$1" in
  start)
     echo "starting firewall..."

     # Insert connection-tracking modules (not needed if built into the
     # kernel).
     modprobe ip_tables
     modprobe iptable_filter
     modprobe ip_conntrack
     modprobe ip_conntrack_ftp
     modprobe ipt_state
     modprobe ipt_LOG

     # allow local-only connections
     /usr/sbin/iptables -A INPUT  -i lo -j ACCEPT
     # free output on any interface to any ip for any service (equal to -P
     # ACCEPT)
     /usr/sbin/iptables -A OUTPUT -j ACCEPT

     # permit answers on already established connections
     # and permit new connections related to established ones (eg active-ftp)
     /usr/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

     # Log everything else:  What's Windows' latest exploitable
     # vulnerability?
     /usr/sbin/iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT "

     # set a sane policy:    everything not accepted > /dev/null
     /usr/sbin/iptables -P INPUT    DROP
     /usr/sbin/iptables -P FORWARD  DROP
     /usr/sbin/iptables -P OUTPUT   DROP

     # be verbose on dynamic ip-addresses     (not needed in case of static
     # IP)
     echo 2 > /proc/sys/net/ipv4/ip_dynaddr

     # disable ExplicitCongestionNotification - too many routers are still
     # ignorant
     echo 0 > /proc/sys/net/ipv4/tcp_ecn
     ;;
  stop)
     echo "stopping firewall..."

     # deactivate IP-Forwarding
     echo 0 > /proc/sys/net/ipv4/ip_forward

     /usr/sbin/iptables -Z
     /usr/sbin/iptables -F
     /usr/sbin/iptables -X
     /usr/sbin/iptables -P INPUT       ACCEPT
     /usr/sbin/iptables -P FORWARD     ACCEPT
     /usr/sbin/iptables -P OUTPUT      ACCEPT

     #unload the modules

     rmmod iptable_filter
     rmmod ipt_state
     rmmod ipt_LOG
     rmmod ip_tables
     rmmod ip_conntrack_ftp
     rmmod ip_conntrack
     ;;
   restart)
     $0 stop
     /bin/sleep 1
     $0 start
     ;;
    *)
        echo "Usage: $0 {start|stop|restart}"
        exit 1
        ;;
esac
I wrote this my self, with much help from the linux from scratch book. How should I change this so that the firewall output is redirected to a file insted of the standard output???

Any help is appriciated, thanks.

Last edited by schatoor; 06-25-2004 at 09:27 AM.
 
Old 06-25-2004, 11:24 AM   #2
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 47
edit /etc/syslog.conf

kern.* /var/log/kernellog

and add kern.none to the /var/log/messages line.
 
Old 06-25-2004, 11:40 AM   #3
hazza
Member
 
Registered: Nov 2003
Location: Australia
Distribution: Mandrake, SUSE, Fedora
Posts: 122

Rep: Reputation: 15
Another way to prevent the firewall log output being displayed on your console is to use add "--log-level info" to you log rules.

e.g.

/usr/sbin/iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT " --log-level info
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
outputting data from a directory to a text file? minm Linux - Newbie 2 12-19-2004 06:46 PM
Help decipher lines in messages file suse firewall TongueTied Linux - Security 3 05-04-2004 12:40 PM
reading a text file and outputting to another. Hardw1re Programming 28 11-03-2003 08:51 AM
outputting ftp contents to file kubicon Linux - Networking 2 09-15-2003 02:01 PM
My usb spits out messages in stdout!! Meros Linux - Hardware 3 08-18-2002 10:06 AM


All times are GMT -5. The time now is 12:39 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration