LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 05-14-2006, 04:12 AM   #1
gjhicks
Member
 
Registered: Jun 2004
Location: Melbourne, Australia
Posts: 47

Rep: Reputation: 15
iptables: how to stop any logging?


Hi,

I am using a simple iptables setup for providing NAT and forcing the users to use the content filtering proxy (Privoxy) on my home lan:

--------------------------------------------------------------------
# clear any existing iptables info
#
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

# set up and activate the NAT service
#
iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
iptables --append FORWARD --in-interface eth0 -j ACCEPT

# to stop lan clients accessing the net other then via privoxy, 'turn off' port 80 for the internal lan
#
iptables -I FORWARD -p TCP -i eth0 --dport 80 -j REJECT

# Turn on routing
#
echo 1 > /proc/sys/net/ipv4/ip_forward
--------------------------------------------------------------------

What should I alter in this script to stop any logging?

Thanks and regards,

Geoff.
 
Old 05-15-2006, 07:32 AM   #2
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
There aren't any -j LOG rules in your script, so there's no logging from netfilter there.

Which logging are you trying to stop?
 
Old 05-15-2006, 08:39 AM   #3
gjhicks
Member
 
Registered: Jun 2004
Location: Melbourne, Australia
Posts: 47

Original Poster
Rep: Reputation: 15
Hi,

Thanks for the reply.

I thought that, even without '-j LOG' rules that iptables would have some sort of default logging (to syslog?).

It is a long story but I am using a frugal install of Damn Small Linux to run a Linux server box, to serve the internet to my home LAN. Thus, am keen to avoid any logging, which will full up the available ram (where DSL is running) pretty quickly.

So, if there are no '-j LOG' rules does that mean no logging?

Thanks again,

Geoff.
 
Old 05-17-2006, 07:18 AM   #4
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
No logging from iptables..

Other programs might log..

You can remote log with syslog to another machine.
Have a look at man syslog
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how to get squid to stop logging TCP_DENIED entries PirateJack Linux - Software 0 03-15-2006 09:10 AM
How to stop X11 w/o logging out? dauphinfay Linux - General 8 02-25-2006 02:00 PM
How to stop firewall logging to terminal screen ozymandias Linux - Security 10 10-01-2005 04:32 AM
Logging with Start stop daemon bigsness Linux - General 0 01-19-2005 03:25 PM
Stop Printer Messages Logging to TTY Cyyb Linux - General 2 06-20-2003 02:02 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 10:53 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration