LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-06-2005, 11:40 AM   #1
RecoilUK
Member
 
Registered: Jul 2001
Location: Southampton, England
Distribution: Mandrake 8.2 , Slackware 8.1, $LFS
Posts: 270

Rep: Reputation: 30
Logging firewall with syslog-ng?


Hi guys

I have devloped a firewall configuration, but I,m unsure how to setup logging for it.

Here is the firewall conf...

Code:
#!/bin/sh

IPT=/sbin/iptables

# Set default policy of deny all traffic
$IPT -P INPUT DROP
$IPT -P OUTPUT DROP
$IPT -P FORWARD DROP

# Flush and delete all existing firewall rules
$IPT -F
$IPT -X
$IPT -Z

# Allow SSH traffic
$IPT -A INPUT -p tcp --dport 12222 -j ACCEPT
$IPT -A OUTPUT -p tcp --sport 12222 -j ACCEPT

# Allow DNS traffic
$IPT -A INPUT -p udp --sport 53 -j ACCEPT
$IPT -A OUTPUT -p udp --dport 53 -j ACCEPT

# Allow BF2 Sever traffic
$IPT -A INPUT -p udp --dport 16567 -j ACCEPT
$IPT -A OUTPUT -p udp --sport 16567 -j ACCEPT
$IPT -A INPUT -p udp --dport 16568 -j ACCEPT
$IPT -A OUTPUT -p udp --sport 16568 -j ACCEPT
$IPT -A INPUT -p udp --dport 16569 -j ACCEPT
$IPT -A OUTPUT -p udp --sport 16569 -j ACCEPT
How can I setup logging for this? basically I want to log everything the firewall rejects for the time being.

Thanks
 
Old 08-06-2005, 04:28 PM   #2
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,537

Rep: Reputation: 149Reputation: 149
Something as simple as this (added at the end of your rules):
iptables -A INPUT -j LOG
should work as you want. Note that the logs may grow very fast, so later think about limiting logs to a number of special cases.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Syslog logging Cron logins rhoekstra Fedora 4 02-17-2005 02:45 AM
syslog running but not logging tantric Linux - Security 1 10-15-2003 07:24 AM
logging information into syslog prisam Linux - Security 1 08-05-2003 09:58 AM
SYSLOG - logging to Remote Host dvong3 Linux - Networking 4 09-24-2002 07:14 AM
Kernel logging failure <<Syslog>> RKris Linux - General 1 09-18-2002 06:40 PM


All times are GMT -5. The time now is 04:19 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration