LinuxQuestions.org


gjhicks 05-14-2006 04:12 AM

iptables: how to stop any logging?
 
Hi,

I am using a simple iptables setup for providing NAT and forcing the users to use the content filtering proxy (Privoxy) on my home lan:

--------------------------------------------------------------------
# clear any existing iptables info
#
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

# set up and activate the NAT service
#
iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
iptables --append FORWARD --in-interface eth0 -j ACCEPT

# to stop lan clients accessing the net other than via privoxy, 'turn off' port 80 for the internal lan
#
iptables -I FORWARD -p TCP -i eth0 --dport 80 -j REJECT

# Turn on routing
#
echo 1 > /proc/sys/net/ipv4/ip_forward
--------------------------------------------------------------------

What should I alter in this script to stop any logging?

Thanks and regards,

Geoff.

peter_robb 05-15-2006 07:32 AM

There aren't any -j LOG rules in your script, so there's no logging from netfilter there.

Which logging are you trying to stop?

gjhicks 05-15-2006 08:39 AM

Hi,

Thanks for the reply.

I thought that, even without '-j LOG' rules, iptables would have some sort of default logging (to syslog?).

It is a long story but I am using a frugal install of Damn Small Linux to run a Linux server box, to serve the internet to my home LAN. Thus, I am keen to avoid any logging, which will fill up the available RAM (where DSL is running) pretty quickly.

So, if there are no '-j LOG' rules does that mean no logging?

Thanks again,

Geoff.

peter_robb 05-17-2006 07:18 AM

No logging from iptables..

Other programs might log..

You can remote log with syslog to another machine.
Have a look at man syslog
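
Added example, not part of the original thread: the replies above say netfilter only logs when a rule jumps to a logging target. The shell function below scans iptables-save output for rules whose target is LOG, ULOG or NFLOG. Both rulesets are constructed samples, and the LOGREJECT chain is hypothetical.

```shell
#!/bin/sh
# Added example: list the rules in iptables-save output that use a logging target.
# find_log_rules reads iptables-save format on stdin and prints
# "table chain target: rule" for every rule that jumps to LOG, ULOG or NFLOG.
find_log_rules() {
    awk '
        /^\*/ { table = substr($0, 2); next }   # "*filter" opens a table section
        /^-A / {
            for (i = 3; i < NF; i++) {
                if (($i == "-j" || $i == "--jump") && $(i+1) ~ /^(LOG|ULOG|NFLOG)$/) {
                    printf "%s %s %s: %s\n", table, $2, $(i+1), $0
                    break
                }
            }
        }
    '
}

# Constructed sample: roughly what iptables-save prints after the script in the question.
SAMPLE_QUESTION='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i eth0 -p tcp -m tcp --dport 80 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i eth0 -j ACCEPT
COMMIT'

# Constructed sample: a variant with a hypothetical LOGREJECT chain that logs first.
SAMPLE_LOGGING='*filter
:FORWARD ACCEPT [0:0]
:LOGREJECT - [0:0]
-A FORWARD -i eth0 -p tcp -m tcp --dport 80 -j LOGREJECT
-A FORWARD -i eth0 -j ACCEPT
-A LOGREJECT -j LOG --log-prefix "http-direct: " --log-level 6
-A LOGREJECT -j REJECT --reject-with icmp-port-unreachable
COMMIT'

# On a live system the same check is: iptables-save | find_log_rules
echo "Ruleset from the question (no output expected):"
printf '%s\n' "$SAMPLE_QUESTION" | find_log_rules
echo "Variant with a LOG rule:"
printf '%s\n' "$SAMPLE_LOGGING" | find_log_rules
```

An empty result means no rule in the saved ruleset hands packets to a netfilter logging target; other daemons on the box can still write to syslog.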


All times are GMT -5.