log files
Manuel Arostegui Ramirez
manuel at todo-linux.com
Thu Feb 28 13:24:09 UTC 2008
On Thursday 28 February 2008 12:29:38 Vivek Mangal wrote:
> hello All,
>
> Can you tell me who can i make log files ?
> I want to make log file of iptables ?
>
> thanks
Add the correct LOG rule to netfilter rules
iptables -N LOG_DROP
iptables -A LOG_DROP -j
LOG --log-tcp-options --log-ip-options --log-prefix '[IPTABLES DROP] : '
iptables -A LOG_DROP -j DROP
When you drop packets, you should replace DROP by LOG_DROP for example :
iptables -A INPUT -j LOG_DROP
To specify more chains, just ajust the log-prefix option. In the previous
example DROP chain is defined.
If you use --log-prefix '[IPTABLES ACCEPT] : ' all the packets logs by this
rule will be display in ACCEPT chain.
Manuel.
--
Manuel Arostegui Ramirez.
Electronic Mail is not secure, may not be read every day, and should not
be used for urgent or sensitive issues.
More information about the redhat-list
mailing list