RecoilUK 08-06-2005 11:40 AM

Logging firewall with syslog-ng?
Hi guys

I have developed a firewall configuration, but I'm unsure how to set up logging for it.

Here is the firewall conf...

IPT=/sbin/iptables

# Set default policy of deny all traffic
$IPT -P INPUT DROP
$IPT -P OUTPUT DROP
$IPT -P FORWARD DROP

# Flush and delete all existing firewall rules
$IPT -F
$IPT -X

# Allow SSH traffic
$IPT -A INPUT -p tcp --dport 12222 -j ACCEPT
$IPT -A OUTPUT -p tcp --sport 12222 -j ACCEPT

# Allow DNS traffic
$IPT -A INPUT -p udp --sport 53 -j ACCEPT
$IPT -A OUTPUT -p udp --dport 53 -j ACCEPT

# Allow BF2 Server traffic
$IPT -A INPUT -p udp --dport 16567 -j ACCEPT
$IPT -A OUTPUT -p udp --sport 16567 -j ACCEPT
$IPT -A INPUT -p udp --dport 16568 -j ACCEPT
$IPT -A OUTPUT -p udp --sport 16568 -j ACCEPT
$IPT -A INPUT -p udp --dport 16569 -j ACCEPT
$IPT -A OUTPUT -p udp --sport 16569 -j ACCEPT

How can I set up logging for this? Basically I want to log everything the firewall rejects for the time being.


Mara 08-06-2005 04:28 PM

Something as simple as this (added at the end of your rules):
iptables -A INPUT -j LOG
should work as you want. Note that the logs may grow very fast, so later think about limiting logs to a number of special cases.
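Once the LOG rule is in place, the kernel log fills with one line per dropped packet. The following added example (not from either poster) parses those lines and counts drops per destination port and per source, which is how you find the "special cases" worth keeping a dedicated LOG rule for. It assumes the rule was given --log-prefix "FW-DROP " and the sample lines are constructed, not real captures.

```python
import re
from collections import Counter

# Constructed sample of what the iptables LOG target writes to the kernel log
# (the "FW-DROP " prefix is assumed to come from --log-prefix). Not real logs.
SAMPLE_LOG = """\
Jun  8 11:40:01 gw kernel: FW-DROP IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.7 DST=203.0.113.2 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=4242 DF PROTO=TCP SPT=40213 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  8 11:40:02 gw kernel: FW-DROP IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.7 DST=203.0.113.2 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=4243 DF PROTO=TCP SPT=40214 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  8 11:40:03 gw kernel: FW-DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:aa:bb:cc:dd:ee:08:00 SRC=192.0.2.15 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=68 DPT=67 LEN=308
Jun  8 11:40:04 gw sshd[1234]: Accepted publickey for admin from 192.0.2.9 port 51000 ssh2
Jun  8 11:40:05 gw kernel: FW-DROP IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.7 DST=203.0.113.2 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=4244 DF PROTO=TCP SPT=40215 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
"""

KV_RE = re.compile(r"(\w+)=(\S*)")


def parse_fw_line(line, prefix="FW-DROP"):
    """Return the KEY=VALUE fields of one LOG-target line, or None if the
    line is not a firewall entry carrying our prefix (e.g. an sshd line)."""
    marker = "kernel: " + prefix
    idx = line.find(marker)
    if idx < 0:
        return None
    # Bare flags (DF, SYN, ACK) are not KEY=VALUE and are skipped; for UDP
    # LEN appears twice (IP and UDP length) and the last one wins.
    return dict(KV_RE.findall(line[idx + len(marker):]))


def summarize(log_text, prefix="FW-DROP"):
    """Count dropped packets by (PROTO, DPT) and by SRC. The per-port view
    separates harmless noise (e.g. DHCP broadcasts to 67/udp) from ports
    that deserve their own, rate-limited LOG rule."""
    by_service, by_src = Counter(), Counter()
    for line in log_text.splitlines():
        f = parse_fw_line(line, prefix)
        if f is None:
            continue
        by_service[(f.get("PROTO"), f.get("DPT"))] += 1
        by_src[f.get("SRC")] += 1
    return by_service, by_src


if __name__ == "__main__":
    services, sources = summarize(SAMPLE_LOG)
    for (proto, dpt), n in services.most_common():
        print(f"{n:4d}  {proto}/{dpt}")
    for src, n in sources.most_common(3):
        print(f"{n:4d}  {src}")
```

Point it at /var/log/messages (or wherever syslog-ng writes facility kern) to see the real distribution before deciding which drops to stop logging.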

