LinuxQuestions.org


wag2639 07-07-2008 01:00 PM

iptables port forwarding logging
 
After looking up numerous forums, including here, I got my port forwarding to work. It's something like this:

echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 22022 -j DNAT --to 123.123.123.23:22
/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 22023 -j DNAT --to 123.123.123.54:22
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -A FORWARD -p tcp --dport 22 -j ACCEPT


Now my question is, how do I log these port forwards to a specific place, something like /var/logs/portfowards.log?

Thanks

dkm999 07-07-2008 11:12 PM

You can put a rule with a LOG target into the NAT table with the same conditions as the DNAT rule, e.g.:
Code:

/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 22022 -j LOG --log-prefix PortForward:

Put this just before the corresponding DNAT rule, and you will get stuff in the /var/log/messages file by default. To put them into another file, you have limited choices with the standard syslog facilities. A better scheme uses syslog-ng, which gives you more flexibility in sorting and routing log messages.

wag2639 07-08-2008 10:15 AM

Thanks. I can't seem to figure out how to use the syslog. I'm using Fedora 9. I have rsyslog, but I don't know how to use that.

tbergfeld 07-08-2008 10:41 AM

Hi,
I know it's a bit late...
but try looking at this link... perhaps you will find something that can help you:
http://www.rsyslog.com/doc
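
As an added example (not part of any post in this thread): a dry-run shell script that prints a LOG rule ahead of each DNAT rule from the first post, plus an rsyslog property filter that sends the matching kernel lines to their own file. The log file path, the trailing space after the prefix and the `& stop` syntax are assumptions; nothing is applied to the system.

```shell
#!/bin/sh
# Added example, not from the thread. Dry run: it only prints the
# commands and config, so review the output before applying it as root.

# "external_port internal_ip:port" pairs, taken from the first post.
FORWARDS="22022 123.123.123.23:22
22023 123.123.123.54:22"
IFACE=eth0
PREFIX="PortForward:"                # prefix used in the reply above
LOGFILE=/var/log/portforwards.log    # assumed destination file

# Print a LOG rule followed by its DNAT rule for every forward.
# LOG is a non-terminating target, so the packet continues to the DNAT
# rule that follows. Only the first packet of a connection traverses
# the nat table, so each forwarded connection yields one log line.
emit_rules() {
    echo "$FORWARDS" | while read -r port dest; do
        [ -n "$port" ] || continue
        match="-t nat -A PREROUTING -p tcp -i $IFACE --dport $port"
        # Trailing space keeps the prefix apart from the "IN=" field.
        echo "/sbin/iptables $match -j LOG --log-prefix \"$PREFIX \""
        echo "/sbin/iptables $match -j DNAT --to $dest"
    done
}

# Print an rsyslog filter that writes every message containing the
# prefix to LOGFILE and then stops processing it, so it is not also
# written to /var/log/messages. "& stop" is the current syntax; older
# rsyslog releases use "& ~" for the discard line instead.
emit_rsyslog_conf() {
    echo ":msg, contains, \"$PREFIX\" $LOGFILE"
    echo "& stop"
}

echo "# iptables rules:"
emit_rules
echo "# rsyslog filter:"
emit_rsyslog_conf
```

The filter lines have to be read by rsyslog before the rule that writes to /var/log/messages, and rsyslog has to be restarted, before the entries move to the separate file.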

