IPTABLES: How do you log denied packets
How do you log the denied & permitted packets when using IPTABLES? From time to time I need to write custom rules, so being able to see what is being denied helps a lot.
My system runs CentOS4.3 & FC1-5. Thanks! Wilson
You will need to adjust these to your system and place them at the bottom of the script after your allow rules. Some custom logging rules will look like this:
Code:
iptables -A INPUT -p tcp -j LOG --log-prefix "TCP LOGDROP: "
These are pretty generic; you may need to read up on iptables to find out how to use these rules properly.
Thanks! Does this automatically put the logs in /var/log/messages?
Yes it should send all logs to /var/log/messages. Then if you want to view them you could make a cron job, or just run a script to find the logged packets and copy them to another file for easier viewing, or emailing to someone later.
Code:
#!/bin/sh
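The kind of script the last reply describes, as an added example that is not part of the original post: it copies lines carrying the "TCP LOGDROP: " prefix out of a log file and counts them per source address and destination port. The function names, the default output file name and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes the LOG rule shown above with
# --log-prefix "TCP LOGDROP: " and kernel messages landing in /var/log/messages.
PREFIX="TCP LOGDROP: "

# extract_logged LOGFILE OUTFILE: copy every line carrying the prefix to OUTFILE.
extract_logged() {
    grep -F -- "$PREFIX" "$1" > "$2" || true   # grep exits 1 when nothing matches
}

# summarize_logged FILE: print "count SRC DPT", highest count first.
summarize_logged() {
    awk -v p="$PREFIX" '
        index($0, p) {
            src = "-"; dpt = "-"
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/) src = substr($i, 5)
                if ($i ~ /^DPT=/) dpt = substr($i, 5)
            }
            n[src " " dpt]++
        }
        END { for (k in n) print n[k], k }
    ' "$1" | sort -k1,1nr -k2
}

# write_sample FILE: constructed log lines in the format the LOG target writes.
write_sample() {
    cat > "$1" <<'EOF'
Jun  1 20:01:02 host kernel: TCP LOGDROP: IN=eth0 OUT= MAC=00:00:00:00:00:01:00:00:00:00:00:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=1 DF PROTO=TCP SPT=40001 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  1 20:01:05 host sshd[2211]: Accepted publickey for wilson from 192.0.2.20 port 51000 ssh2
Jun  1 20:01:09 host kernel: TCP LOGDROP: IN=eth0 OUT= MAC=00:00:00:00:00:01:00:00:00:00:00:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=2 DF PROTO=TCP SPT=40002 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  1 20:02:30 host kernel: TCP LOGDROP: IN=eth0 OUT= MAC=00:00:00:00:00:01:00:00:00:00:00:03:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=3 DF PROTO=TCP SPT=3021 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
EOF
}

# When given a log path (for example /var/log/messages), extract and summarize it.
# The second argument is the output file; logdrop.txt is a constructed default.
if [ "$#" -gt 0 ]; then
    extract_logged "$1" "${2:-logdrop.txt}"
    summarize_logged "${2:-logdrop.txt}"
fi
```

LOG is a non-terminating target, so a packet that matches it continues to the next rule or the chain policy. The lines collected here are packets that reached the LOG rule, which is why the rule's position after the allow rules matters.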