LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian
User Name
Password
Debian This forum is for the discussion of Debian Linux.

Notices


Reply
  Search this Thread
Old 03-29-2011, 05:47 AM   #1
classical
LQ Newbie
 
Registered: Jun 2009
Posts: 23

Rep: Reputation: 0
debian lenny iptables does not logs


hello everybody.

I have problem with loging, actually iptables logs a data but it seems that for some reasons does not writes in a log file:


Code:
iptables -L -v
Chain INPUT (policy ACCEPT 406 packets, 124K bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     tcp  --  any    any     xxxxxxxxxxx        anywhere            tcp dpt:xxxx
    0     0 ACCEPT     udp  --  any    any    xxxxxxxxxxx        anywhere            udp dpt:xxxx
  322 23848 LOG        tcp  --  any    any     anywhere             anywhere            tcp dpt:ssh LOG level warning 
    0     0 ACCEPT     tcp  --  any    any     xxxxxxxxxxx  anywhere            tcp dpt:ssh 
  322 23848 ACCEPT     tcp  --  any    any     xxxxxxx         anywhere            tcp dpt:ssh 
    0     0 ACCEPT     tcp  --  any    any     xxxxxxxxxx         anywhere            tcp dpt:ssh 
    0     0 ACCEPT     tcp  --  any    any     xxxxxxxxxx         anywhere            tcp dpt:ssh 
    0     0 ACCEPT     tcp  --  any    any     xxxxxxxxxx        anywhere            tcp dpt:ssh 
    0     0 ACCEPT     tcp  --  any    any     xxxxxxxxxxx        anywhere            tcp dpt:ssh
i checked /var/log/message and /var/log/syslog nothing is here related to iptables. then i create separate file for Iptables by adding this: kern.warning /var/log/iptables.log in my rsyslog.conf it does create iptables.log file inside /var/ but its still empty need some help to figure out how to fix this
 
Old 03-29-2011, 06:00 AM   #2
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,528

Rep: Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899
Did you use the LOG option in your iptables rules?
http://www.linuxtopia.org/Linux_Fire...les/x4238.html

Kind regards

Last edited by repo; 03-29-2011 at 06:02 AM.
 
Old 03-29-2011, 07:04 AM   #3
classical
LQ Newbie
 
Registered: Jun 2009
Posts: 23

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by repo View Post
Did you use the LOG option in your iptables rules?
http://www.linuxtopia.org/Linux_Fire...les/x4238.html

Kind regards
at first i had simple LOG without any option now i add --log-level warning
My rules looks like this:
Code:
-A INPUT -p tcp -m tcp --dport 22 -j LOG --log-level warning
-A INPUT -s xxxxxxx -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s xxxxxxx -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s xxxxxxx -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s xxxxxxx -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s xxxxxxx -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s xxxxxxx -p tcp -m tcp --dport 22 -j ACCEPT
and in my rsyslogd i have following line: kern=.warning -/var/log/iptables.log
Permissions is Ok . . . Log file is still empty . .. Any suggestions ?
 
Old 03-30-2011, 01:09 AM   #4
classical
LQ Newbie
 
Registered: Jun 2009
Posts: 23

Original Poster
Rep: Reputation: 0
still need help
 
Old 04-07-2011, 05:01 AM   #5
classical
LQ Newbie
 
Registered: Jun 2009
Posts: 23

Original Poster
Rep: Reputation: 0
BUMP
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: How To Upgrade Debian Lenny (Debian 5.0) To Squeeze (Debian 6.0) On Xen VPS LXer Syndicated Linux News 0 03-09-2011 05:20 AM
LXer: Installing Nagios On Debian Lenny And Monitoring A Debian Lenny Server LXer Syndicated Linux News 0 03-08-2011 01:40 AM
Debian Lenny - iptables+dnsbl/rbl check darklite Linux - Security 3 01-31-2009 05:42 AM
iptables logs sunlinux Linux - Security 14 07-03-2008 11:07 PM
iptables logs ddaas Linux - Security 1 01-20-2005 08:26 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian

All times are GMT -5. The time now is 10:26 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration