LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-08-2004, 01:58 PM   #1
logo
Member
 
Registered: Sep 2004
Distribution: Fedora Core 3
Posts: 47

Rep: Reputation: 15
Logging for IPTABLES


Hello all.
I have a question. I want to log specific internet traffic using the IPTABLES firewall.
I found that I can define -j LOG as target, but I can't find where the logs are located. Can anyone tell where they are and what are the log files named, or suggest another way of logging specified traffic(program, command)?
Thaks a lot.
 
Old 10-08-2004, 04:51 PM   #2
homey
Senior Member
 
Registered: Oct 2003
Posts: 3,057

Rep: Reputation: 61
Hopefully, you don't log everything good or bad. I've never had the misfortune of it getting used but I'm pretty sure it gets saved to /var/log/messages. Maybe you could test it with a normal event.
 
Old 10-09-2004, 07:21 AM   #3
mritch
Member
 
Registered: Nov 2003
Location: austria
Distribution: debian
Posts: 667

Rep: Reputation: 30
i suggest to use
--log-level info (won't disturb your console)
--log-prefix "something" (maybe the rule name for better understanding what caused the drop/log - will show up in messages)

if you want to log a lot of traffic i'd suggest to use somthing like "-m limit --limit 6/m --limit-bursts 3", so the logs won't get too full.

sl mritch.
 
Old 10-11-2004, 07:15 AM   #4
bennethos
Member
 
Registered: Aug 2003
Location: Belgium
Distribution: -- Slackware for servers -- Debian for desktops --
Posts: 124

Rep: Reputation: 16
logs

I also got question bout' iptables, when i do iptables -L

I put in my input chain, first rule, test rule following :

LOG icmp -- anywhere anywhere icmp echo-reply LOG level warning


can anyone explain me what LOG level warning means ??? what about the warning ?
I also noticed he doesn't Log anything, not in syslog not in messages not in kern.log ....

thx !!!
 
Old 10-11-2004, 09:23 AM   #5
mritch
Member
 
Registered: Nov 2003
Location: austria
Distribution: debian
Posts: 667

Rep: Reputation: 30
would be the priority the logentry will get:
--log-level warning
..have a look into "man syslog" to get an overview about the different priorities...

sl mritch.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
IPTABLES - Logging metallica1973 Linux - Security 10 10-27-2005 05:17 PM
iptables logging laotalax Linux - Networking 1 10-25-2005 09:55 AM
Iptables and logging bennethos Linux - Security 1 10-18-2004 12:40 AM
Iptables logging Mogwa_ Linux - Security 2 08-01-2004 02:54 PM
iptables and logging Yohhan Linux - Networking 2 05-04-2004 11:55 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 01:49 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration