LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Debian (https://www.linuxquestions.org/questions/debian-26/)
-   -   debian lenny iptables does not logs (https://www.linuxquestions.org/questions/debian-26/debian-lenny-iptables-does-not-logs-871677/)

classical 03-29-2011 05:47 AM
debian lenny iptables does not logs
 
hello everybody.

I have problem with loging, actually iptables logs a data but it seems that for some reasons does not writes in a log file:


Code:
iptables -L -v
Chain INPUT (policy ACCEPT 406 packets, 124K bytes)
 pkts bytes target    prot opt in    out    source              destination       
    0    0 ACCEPT    tcp  --  any    any    xxxxxxxxxxx        anywhere            tcp dpt:xxxx
    0    0 ACCEPT    udp  --  any    any    xxxxxxxxxxx        anywhere            udp dpt:xxxx
  322 23848 LOG        tcp  --  any    any    anywhere            anywhere            tcp dpt:ssh LOG level warning
    0    0 ACCEPT    tcp  --  any    any    xxxxxxxxxxx  anywhere            tcp dpt:ssh
  322 23848 ACCEPT    tcp  --  any    any    xxxxxxx        anywhere            tcp dpt:ssh
    0    0 ACCEPT    tcp  --  any    any    xxxxxxxxxx        anywhere            tcp dpt:ssh
    0    0 ACCEPT    tcp  --  any    any    xxxxxxxxxx        anywhere            tcp dpt:ssh
    0    0 ACCEPT    tcp  --  any    any    xxxxxxxxxx        anywhere            tcp dpt:ssh
    0    0 ACCEPT    tcp  --  any    any    xxxxxxxxxxx        anywhere            tcp dpt:ssh
i checked /var/log/message and /var/log/syslog nothing is here related to iptables. then i create separate file for Iptables by adding this: kern.warning /var/log/iptables.log in my rsyslog.conf it does create iptables.log file inside /var/ but its still empty need some help to figure out how to fix this

repo 03-29-2011 06:00 AM
Did you use the LOG option in your iptables rules?
http://www.linuxtopia.org/Linux_Fire...les/x4238.html

Kind regards

classical 03-29-2011 07:04 AM
Quote:
Originally Posted by repo (Post 4307334)
Did you use the LOG option in your iptables rules?
http://www.linuxtopia.org/Linux_Fire...les/x4238.html

Kind regards
at first i had simple LOG without any option now i add --log-level warning
My rules looks like this:
Code:
-A INPUT -p tcp -m tcp --dport 22 -j LOG --log-level warning
-A INPUT -s xxxxxxx -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s xxxxxxx -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s xxxxxxx -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s xxxxxxx -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s xxxxxxx -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s xxxxxxx -p tcp -m tcp --dport 22 -j ACCEPT
and in my rsyslogd i have following line: kern=.warning -/var/log/iptables.log
Permissions is Ok . . . Log file is still empty . .. Any suggestions ?

classical 03-30-2011 01:09 AM
still need help

classical 04-07-2011 05:01 AM
BUMP


All times are GMT -5. The time now is 03:37 PM.