Jeff Coppock wrote on Sat Jul 21, 2001 at 10:59:08PM:
> What does syslog recognize as iptables log messages? I tried
> putting iptable.* in syslog.conf, but I'm not seeing messages.

You need to tell iptables which packets should be logged. For example:

  iptables -N log     # This chain logs and hands the packet over to "delete"
  iptables -N delete  # This chain rejects anything
  iptables -A INPUT <RULE> -j log     # Rule to be logged
  iptables -A INPUT <RULE> -j delete  # Rule not to be logged
  iptables -A log -j LOG --log-prefix "Rejected: "  # be verbose in syslog
  iptables -A log -j delete      # hand the packet over to "delete"
  iptables -A delete -j REJECT   # gracefully reject the packet

It would be bad to have iptables log everything by default --> man DOS

Matthias
--
Matthias Richter --+- stud. soz. & inf. -+-- http://www.uni-leipzig.de
--> GPG Public Key: http://www.matthias-richter.de/gpg.ascii <--
· Projekt Deutscher Wortschatz: <URL:http://wortschatz.uni-leipzig.de>
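
Added example, not part of the original message: the LOG target writes through the kernel log, so syslog sees these lines under the kern facility, tagged with whatever --log-prefix was set. The sketch below parses lines carrying the "Rejected: " prefix from the rules above and counts logged packets per source, which shows how a single sender can dominate the log. The sample lines, host name gw, addresses and function names are constructed for illustration.

```python
import re
from collections import Counter

PREFIX = "Rejected: "  # the --log-prefix from the rules above

# Constructed, abbreviated sample lines in the kernel LOG-target layout.
SAMPLE = [
    "Jul 21 23:10:01 gw kernel: Rejected: IN=eth0 OUT= SRC=192.0.2.10 "
    "DST=198.51.100.5 LEN=60 TTL=52 PROTO=TCP SPT=40000 DPT=23 SYN URGP=0",
    "Jul 21 23:10:01 gw kernel: Rejected: IN=eth0 OUT= SRC=192.0.2.10 "
    "DST=198.51.100.5 LEN=60 TTL=52 PROTO=TCP SPT=40001 DPT=23 SYN URGP=0",
    "Jul 21 23:10:02 gw kernel: [ 812.4] Rejected: IN=eth0 OUT= SRC=192.0.2.10 "
    "DST=198.51.100.5 LEN=60 TTL=52 PROTO=TCP SPT=40002 DPT=25 SYN URGP=0",
    "Jul 21 23:10:05 gw kernel: Rejected: IN=eth0 OUT= SRC=203.0.113.7 "
    "DST=198.51.100.5 LEN=40 TTL=240 PROTO=TCP SPT=51000 DPT=80 ACK URGP=0",
    "Jul 21 23:10:06 gw sshd[311]: Connection closed by 192.0.2.10",
]

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_line(line, prefix=PREFIX):
    """Return the fields of one LOG line, or None if it is not ours."""
    # An optional "[uptime]" stamp may sit between "kernel: " and the prefix.
    m = re.search(r"\bkernel: (?:\[[^\]]*\] )?" + re.escape(prefix), line)
    if m is None:
        return None
    rest = line[m.end():]
    fields = dict(FIELD.findall(rest))
    # Tokens without "=" (SYN, ACK, DF ...) are TCP/IP flags.
    fields["FLAGS"] = [tok for tok in rest.split() if "=" not in tok]
    return fields


def noisy_sources(lines, threshold=3, prefix=PREFIX):
    """Sources that produced at least `threshold` logged packets."""
    hits = Counter()
    for line in lines:
        fields = parse_line(line, prefix)
        if fields and "SRC" in fields:
            hits[fields["SRC"]] += 1
    return {src: n for src, n in hits.items() if n >= threshold}


if __name__ == "__main__":
    for line in SAMPLE:
        print(parse_line(line))
    print(noisy_sources(SAMPLE))
```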