LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page [SOLVED] iptables log only first connections
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-31-2018, 11:08 AM   #1
tonic75
LQ Newbie
 
Registered: May 2018
Posts: 2

Rep: Reputation: Disabled
iptables log only first connections

i have a openwrt with tun1 interface (chilli) and eth0.2 interface (wan). Chilli (tun1) assign an ip 10.1.0.2 to a device connected (wifi or router lan). With:

Quote:
iptables -I FORWARD -i tun1 -p tcp -j LOG
i can send to server all the logs of this tun1 interfaces, but in syslog server file i found more row with same and consecutive DST ip, for example:

Quote:
IN=tun1 OUT=eth0.2 MAC= SRC=10.1.0.2 DST=139.59.212.125
IN=tun1 OUT=eth0.2 MAC= SRC=10.1.0.2 DST=139.59.212.125
IN=tun1 OUT=eth0.2 MAC= SRC=10.1.0.2 DST=216.58.198.45
IN=tun1 OUT=eth0.2 MAC= SRC=10.1.0.2 DST=216.58.198.45
IN=tun1 OUT=eth0.2 MAC= SRC=10.1.0.2 DST=216.58.198.45
IN=tun1 OUT=eth0.2 MAC= SRC=10.1.0.2 DST=216.58.198.45
IN=tun1 OUT=eth0.2 MAC= SRC=10.1.0.2 DST=216.58.198.45
for each destination IP, i would send to server only log of the first connection (not duplicated). is possible?

thank you
 
Old 06-01-2018, 08:23 PM   #2
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,524

Rep: Reputation: 1015Reputation: 1015Reputation: 1015Reputation: 1015Reputation: 1015Reputation: 1015Reputation: 1015Reputation: 1015
You would use the connbytes module.
 
Old 06-09-2018, 06:01 AM   #3
tonic75
LQ Newbie
 
Registered: May 2018
Posts: 2

Original Poster
Rep: Reputation: Disabled
Resolved.
thank you
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] iptables troubleshooting icmp and best place to log /var/log/messages or /var/log/iptables JockVSJock Linux - Security 18 02-12-2016 12:31 AM
Log iptables drop packet to file but not /var/log/messages? kikilinux Linux - Security 1 10-02-2012 09:42 AM
iptables log new connections to ports t163r Linux - Security 1 03-25-2007 06:48 PM
Deleted /var/log/messages, can't log any files-iptables chingyenccy Linux - Newbie 7 02-27-2005 04:03 PM
iptables, changing log file from /var/log/messages acid2000 Linux - Networking 3 03-11-2003 08:38 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:04 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration