
Re: [Fedora] Re: Logging denied packets (iptables)



Mike Wohlgemuth wrote:
Here's what I do:

-N LOGDROP
-A LOGDROP -j LOG --log-prefix "$IPTABLES drop:"
-A LOGDROP -j DROP

Then you can add lines for the things you want logged like this:

-A INPUT -s www.xxx.yyy.zzz/aa -j LOGDROP

Now that works great (I removed the $ from it). The only, small, issue is that I'd like some kind of identifier when it logs, instead of just saying 'IPTABLES drop:'. Is there a way of saying something like, 'all these IP ranges belong to .ru domains' and then, when it logs the packet, to have the prefix say 'IPTABLES drop .ru: '? And do the same for other ranges that are defined (at the moment they have .ru, .hk, .cn, etc., etc. blocked).

Or do I have to create individual chains for each one, and change the prefix on each?
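
One way to get a per-range label in the log line, as an added example that is not part of the original thread: generate one LOG+DROP chain per label, in the same rule-file format as the quoted lines. The function name, the `LOGDROP_<label>` chain naming and the sample ranges are assumptions; labels are capped at 8 characters so the prefix stays within the 29 characters `--log-prefix` accepts.

```shell
#!/bin/sh
# Added example: emit rule-file lines with one LOG+DROP chain per label.
# Input on stdin: "<label> <cidr>" per line. Blank lines and "#" comments are skipped.

gen_logdrop_rules() {
    seen=" "
    while read -r label cidr; do
        case "$label" in ''|'#'*) continue ;; esac
        # The label lands in a chain name and in the log prefix, so accept
        # only short lowercase alphanumerics (keeps the prefix <= 29 chars
        # and keeps quotes or extra options out of the rule file).
        case "$label" in
            *[!a-z0-9]*) echo "bad label: $label" >&2; return 1 ;;
        esac
        [ "${#label}" -le 8 ] || { echo "label too long: $label" >&2; return 1; }
        # Accept only digits, dots and a slash in the source range.
        case "$cidr" in
            ''|*[!0-9./]*) echo "bad range for $label: $cidr" >&2; return 1 ;;
        esac
        # Define the chain the first time a label is seen.
        case "$seen" in
            *" $label "*) ;;
            *)
                seen="$seen$label "
                printf '%s\n' "-N LOGDROP_$label"
                printf '%s\n' "-A LOGDROP_$label -j LOG --log-prefix \"IPTABLES drop .$label: \""
                printf '%s\n' "-A LOGDROP_$label -j DROP"
                ;;
        esac
        printf '%s\n' "-A INPUT -s $cidr -j LOGDROP_$label"
    done
}

# Constructed sample input (documentation address ranges, not real allocations).
gen_logdrop_rules <<'EOF'
# label  range
ru 192.0.2.0/24
ru 198.51.100.0/24
cn 203.0.113.0/24
EOF
```

Each label gets its chain defined once, and every range for that label jumps to it, so the kernel log line carries the label in its prefix.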

