Linux - Networking: This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
06-05-2002, 01:58 AM
|
#1
|
LQ Newbie
Registered: Jun 2002
Location: Belgium
Distribution: RedHat, DeBian
Posts: 11
Rep:
|
iptables log question
In my iptables script I have written a log option on all forwarded traffic, but I'm curious where the hell that log is written, because I can't find it.
The rule I've written is:
$IPTABLES -A Forward -j LOG
The other parts of my script are working fine, but for safety I want the forward rule to be logged.
Can someone tell me where those logs are or what I'm doing wrong?
GREETZZ
Silentwisdom
|
|
|
06-05-2002, 03:26 AM
|
#2
|
Member
Registered: May 2002
Location: Dalec, HU
Distribution: Redhat 7.3
Posts: 696
Rep:
|
It is supposed to be written to syslog.
You may specify --log-prefix "IPTABLES log:"
and you'll be able to find it easily.
|
|
|
06-05-2002, 03:27 AM
|
#3
|
Member
Registered: May 2002
Location: Dalec, HU
Distribution: Redhat 7.3
Posts: 696
Rep:
|
Ohh, I forgot:
you need to check /etc/syslog.conf to make sure that kernel logging is turned on.
Regards
|
|
|
06-05-2002, 08:30 AM
|
#4
|
LQ Newbie
Registered: Jun 2002
Location: Belgium
Distribution: RedHat, DeBian
Posts: 11
Original Poster
Rep:
|
Is this the line for kernel logging?
Because it was commented out.
It was
#*.kern /dev/console
I made it
*.kern /var/log/messages
Is the traffic now logged into messages in the var/log directory?
GREEEETZZZZZZZ
Silentwisdom
|
|
|
06-05-2002, 08:31 AM
|
#5
|
LQ Newbie
Registered: Jun 2002
Location: Belgium
Distribution: RedHat, DeBian
Posts: 11
Original Poster
Rep:
|
Made a mistake in the post.
It must be
kern.*
instead of
*.kern
|
|
|
06-05-2002, 08:42 AM
|
#6
|
Member
Registered: Apr 2002
Posts: 498
Rep:
|
No, that is not it. You need to add a line to the syslog.conf file that reads something like this:
kern.warn /var/log/messages
You also need to be sure that the logging statement is high enough in the chain that it actually gets executed. For instance, if you drop all forwarded packets before this statement, the logging is never done.
|
|
|
06-05-2002, 08:54 AM
|
#7
|
LQ Newbie
Registered: Jun 2002
Location: Belgium
Distribution: RedHat, DeBian
Posts: 11
Original Poster
Rep:
|
Now I've put my log rule before the declaration of my default policy in the chain.
And I've changed my syslog.conf file.
But I still get nothing in my messages.
:-(
|
|
|
06-05-2002, 04:08 PM
|
#8
|
Member
Registered: May 2002
Location: Dalec, HU
Distribution: Redhat 7.3
Posts: 696
Rep:
|
1.) Restart syslog.
Modify the line in syslog like this:
*.info;mail.none;authpriv.none;cron.none;kern.* /var/log/messages
and it will work fine.
But you might have the log statement in the wrong place, like Truckstuff suggested.
Read the www.iptables.com howtos.
|
|
|
06-06-2002, 11:43 AM
|
#9
|
LQ Newbie
Registered: Jun 2002
Location: Belgium
Distribution: RedHat, DeBian
Posts: 11
Original Poster
Rep:
|
I still don't get it working. Where must I put the log statement?
Before the default policy or after it?
I had it working once, but my logs got too big so I killed it.
|
|
|
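Added example, not part of the thread: a small shell check for the rule-order point raised in post #6, run against constructed `iptables -S`-style rulesets. The function name `check_log_order` and the sample rules (including the `-m limit` rate limit, which keeps the log from growing without bound) are assumptions for illustration.

```shell
#!/bin/sh
# Constructed sample rulesets in `iptables -S` format (not from the thread).

# LOG rule appended after an unconditional DROP: packets never reach it.
RULES_BAD='-P FORWARD DROP
-A FORWARD -j DROP
-A FORWARD -j LOG --log-prefix "IPTABLES log:"'

# LOG rule first and rate limited; LOG is non-terminating, so later
# rules and finally the default policy (-P) still decide the packet.
RULES_GOOD='-P FORWARD DROP
-A FORWARD -m limit --limit 5/min -j LOG --log-prefix "IPTABLES log:"
-A FORWARD -s 192.168.1.0/24 -j ACCEPT
-A FORWARD -j DROP'

# check_log_order CHAIN: reads rules on stdin and prints one verdict:
#   reachable - a LOG rule comes before any unconditional terminating rule
#   shadowed  - an unconditional ACCEPT/DROP/REJECT precedes the LOG rule
#   missing   - no LOG rule in that chain (chain names are case-sensitive,
#               the built-in chain is FORWARD, not Forward)
check_log_order() {
    awk -v chain="$1" '
        $1 == "-A" && $2 == chain {
            target = ""
            for (i = 3; i <= NF; i++) if ($i == "-j") target = $(i + 1)
            if (target == "LOG") {
                print (blocked ? "shadowed" : "reachable")
                found = 1
                exit
            }
            # "-j" directly after the chain name means no match options,
            # so the rule applies to every packet and ends traversal.
            if ($3 == "-j" && $4 ~ /^(ACCEPT|DROP|REJECT)$/) blocked = 1
        }
        END { if (!found) print "missing" }
    '
}

printf '%s\n' "$RULES_BAD"  | check_log_order FORWARD
printf '%s\n' "$RULES_GOOD" | check_log_order FORWARD
```

On a live system the same function can read `iptables -S FORWARD` (run as root) instead of the constructed samples.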