Iptables rules problem
menonrr_at_jmu.edu
Date: 10/15/04
- Previous message: Radke, Theresa A: "Run 2.4.20 kernel on RHEL 3.0?"
- Next in thread: Pete Nesbitt: "Re: Iptables rules problem"
- Reply: Pete Nesbitt: "Re: Iptables rules problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 14 Oct 2004 21:13:31 -0400 To: Redhat <redhat-list@redhat.com>
10/14
Hello,
I needed to send my syslog from 192.16.1.10 (firewall/GW) to
192.168.1.3, the logserver. The syslogging worked. But since I
am monitoring all connections going to the internal
network(eth0) from outside, the log was filled with the syslog
connections from the gateway to the logserver.
So I gave 2 rules to help me with that:
To log the syslog traffic (just testing syslog)
#$IPTABLES -A OUTPUT -o eth0 -p udp -s 192.168.1.10/32
--source-port 514 -d 192.168.1.3/32 --destination-port 514 -m
limit --limit 15/minute --limit-burst 10 -j LOG --log-prefix
"Syslog traffictoTest: " # Log packets going to 192.168.1.0
(Rule I really need to log inbound traffic)
#$IPTABLES -A OUTPUT -o eth0 -p udp --destination-port ! 514
-m limit --limit 1/second --limit-burst 10 -j LOG --log-prefix
"Output packetsToTest: " # Log packets entering testnet except
udp 514 for syslog
----------------
The Problem:
-----------------
Only the syslog traffic is received. I lost all logging of
inbound traffic.
I would appreciate some help on this.
Thanks.
Menon
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
- Previous message: Radke, Theresa A: "Run 2.4.20 kernel on RHEL 3.0?"
- Next in thread: Pete Nesbitt: "Re: Iptables rules problem"
- Reply: Pete Nesbitt: "Re: Iptables rules problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
