Re: log files

From: Manuel Arostegui Ramirez <manuel@xxxxxxxxxxxxxx>
Date: Thu, 28 Feb 2008 14:24:09 +0100

On Thursday 28 February 2008 12:29:38 Vivek Mangal wrote:

hello All,

Can you tell me who can i make log files ?
I want to make log file of iptables ?

thanks

Add the correct LOG rule to netfilter rules

iptables -N LOG_DROP
iptables -A LOG_DROP -j
LOG --log-tcp-options --log-ip-options --log-prefix '[IPTABLES DROP] : '

iptables -A LOG_DROP -j DROP

When you drop packets, you should replace DROP by LOG_DROP for example :

iptables -A INPUT -j LOG_DROP

To specify more chains, just ajust the log-prefix option. In the previous
example DROP chain is defined.

If you use --log-prefix '[IPTABLES ACCEPT] : ' all the packets logs by this
rule will be display in ACCEPT chain.

Manuel.

--
Manuel Arostegui Ramirez.

Electronic Mail is not secure, may not be read every day, and should not
be used for urgent or sensitive issues.

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

References:
- log files
  - From: Vivek Mangal

Prev by Date: RE: log files
Next by Date: adding modules to initrd
Previous by thread: RE: log files
Next by thread: adding modules to initrd
Index(es):
- Date
- Thread

Relevant Pages

RE: How can I get all IP transactions (in/out) logged?
... I am pretty sure freshmeat.net has a tool that uses iptables and puts it into a mysql database...try looking under "monitor" or "uptime" its there somewhere. ... With syslog logging, you will also probably want to look into a syslog ... #2 logs packets out ppp0 sourced from the router/host machine ... > in any of the system log files). ...
(Debian-User)
[opensuse] Re: dictionary attacks
... I'll vote for this too, although I would like to get something that uses iptables instead - taking the load off sshd. ... It works for several log files, ... It only falls short when the ssh-login host is in a DMZ, the logs are actually stored and processed on a different host, and the firewall is a 3rd system. ...
(SuSE)
Re: How to react to "authentication failures" in log file
... Maybe even flush iptables periodically to keep ... IPS systems for intrustion prevention are basically an intrusion ... open source options, including denyhost. ... One can configure which log files to scan, ...
(comp.security.ssh)
Re: Question on Internet access of vsftp server
... I've been editing the iptables by hand. ... configuration tool that I was using didn't handle the firewall rules ... of the log files in /var/log. ... I've tested FTP from this machine to a .gov server that I ...
(RedHat)
Google Summer of Code 2009: Student applies to create a Better IPTables Management Tool
... a student) and select the Linux Foundation ... The tool focuses on helping the user to perceive what a particular chains of rules in a particular table does to a user specified packet. ... As the project aims for better IPtables management tool, I can contribute with my hard earned 3 years experience in maintenance of firewalls. ... The tools helps the user to either select all the rules in the chain or some particular rules and tells the impact of the application of selected rules upon the incoming/outgoing packet. ...
(Linux-Kernel)