LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 08-06-2010, 01:58 AM   #1
ultima789
LQ Newbie
 
Registered: Aug 2010
Posts: 2

Rep: Reputation: 0
Iptables not logging to Syslog


Hi.
Im stuck on why iptables wont log to syslog.
Syslog is working fine and log every other event on the server.

Here is my Configs:

/etc/syslog.conf
Code:
*.*             /var/log/iptables
/bin/firewall
Code:
#!/bin/bash

###### INTERNET
inet_if=eth0
inet_dhcp=1
inet_ip=
inet_netmask=

###### LAN
lan_if=eth1
lan_ip=192.168.0.1
lan_netmask=255.255.255.0
lan_dhcp_net=192.168.0.0
lan_dhcp_start=192.168.0.10
lan_dhcp_stop=192.168.0.99

htpc_ip=192.168.0.2
danielpc_ip=192.168.0.3


###### NEEDED BY THE FIREWALL
ifconfig $lan_if $lan_ip netmask $lan_netmask
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -F
iptables -t nat -F

iptables -I INPUT 1 -i eth0 -j LOG
iptables -I FORWARD 1 -i eth0 -j LOG

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

### Internet --> LAN (Portforwarding)
iptables -t nat -A PREROUTING -i $inet_if -p tcp --dport 24178 -j DNAT --to-destination $htpc_ip        # uTorrent


### Internet --> LAN (Accesslist)
iptables -A FORWARD -i $inet_if -p tcp --dport 24178 -j ACCEPT


# Internet -> Firewall

iptables -A INPUT -p icmp -j DROP
iptables -A INPUT -i eth0 -p tcp --dport 21 -j ACCEPT           # FTP
iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT           # SSH
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set -j LOG
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 600 --hitcount 3 -j DROP
iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT           # HTTP
iptables -A INPUT -i eth0 -p tcp --dport 443 -j ACCEPT          # HTTPS
iptables -A INPUT -i eth0 -p udp --dport 514 -j ACCEPT

####### Needed by the FIREWALL
iptables -A INPUT -i $inet_if -m state --state ESTABLISHED,RELATED -j ACCEPT    # Accept INTERNET(related) -> FIREWALL
iptables -A INPUT -i $lan_if -j ACCEPT                                          # Accept LAN -> FIREWALL
iptables -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT           # Accept FIREWALL(new,related) -> INTERNET
iptables -A FORWARD -i $inet_if -m state --state RELATE,ESTABLISHED -j ACCEPT   # Accept INTERNET(related) -> LAN
iptables -A FORWARD -i $lan_if -j ACCEPT                                        # Accept LAN -> INTERNET
 
Old 08-06-2010, 02:47 AM   #2
ultima789
LQ Newbie
 
Registered: Aug 2010
Posts: 2

Original Poster
Rep: Reputation: 0
I found the solution.

Had to:
Code:
killall -9 klogd
klogd -s
To make it log to syslog :-)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
syslog-ng -> syslog-ng logging, how to troubleshoot sir-lancealot Linux - Server 1 01-24-2009 06:07 AM
LXer: OpenLDAP Quick Tips: Using syslog or syslog-ng with slapd for OpenLDAP logging LXer Syndicated Linux News 0 11-14-2008 08:41 PM
syslog-ng is not logging coreno Linux - Software 4 09-08-2007 01:13 PM
Logging/syslog s0n|k Linux - Newbie 2 03-13-2006 07:36 PM
logging information into syslog prisam Linux - Security 1 08-05-2003 09:58 AM


All times are GMT -5. The time now is 05:42 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration