LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page What is the best way to log traffic trough firewall?
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 04-26-2005, 08:37 AM   #1
G-Fox
Member
 
Registered: Jul 2003
Location: Lithuania
Posts: 45

Rep: Reputation: 15
What is the best way to log traffic trough firewall?

Hello, everybody who read this message

What is the best way to log traffic trough firewall?
I have linux box with NAT (one external ip) and get mail from my ISP what my external ip is infected by virus. They sent my logs of virus activity, but in my linux box I don't make any logs and can't find which internal pc is infected... So I decided to start logging everything to find out in future witch pc is infected.

Thanks for any answer.
 
Old 05-04-2005, 01:31 PM   #2
BinaryBob
Member
 
Registered: Aug 2002
Posts: 117

Rep: Reputation: 15
Assuming IP tables is your firewall...

I'm pretty sure running these commands on the firewall/Nat box will log all the packets that the machine uses locally.
Code:
iptables -A INPUT -j LOG
iptables -A OUTPUT -j LOG
And this command should log all the traffic NOT for the machine itself (ie- natted sutff):
Code:
iptables -A FORWARD -j LOG
If anyone has corrections to this, please speak up, I'm no firewall pro.

Good luck.
 
Old 05-04-2005, 01:38 PM   #3
mrcheeks
Senior Member
 
Registered: Mar 2004
Location: far enough
Distribution: OS X 10.6.7
Posts: 1,690

Rep: Reputation: 50
i use ULOGD daemon for firewall login
 
Old 05-04-2005, 01:55 PM   #4
G-Fox
Member
 
Registered: Jul 2003
Location: Lithuania
Posts: 45

Original Poster
Rep: Reputation: 15
Thanks for info
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
What is the best way to log traffic trough firewall? G-Fox Linux - Security 2 04-28-2005 01:16 PM
What is the best way to log traffic trough firewall? G-Fox Linux - Newbie 6 04-27-2005 08:41 AM
Loggin IP traffic to a log file brokenflea Linux - Security 1 03-30-2005 05:53 PM
firewall and traffic Vladix Linux - Networking 0 07-15-2003 12:20 PM
firewall traffic blocking help jaylee Linux - Security 8 06-30-2003 10:44 AM


All times are GMT -5. The time now is 09:28 PM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration