[PLUG] iptables logging
Terry Layne
plug at laynesoftware.com
Tue Feb 18 08:42:01 UTC 2003
On Tue, 18 Feb 2003 00:34:38 -0800 (PST), Josh Orchard wrote
> Could someone tell me how I can get all messages from an iptables script
> to log all request? I'm trying to see where the machine thinks it is
> sending a port forward request. It appears to be wrong and I can't find
> it. I also can't find where iptables puts an logs. I'm guessing it
> is off by default but can't seem to get the LOG option to go on any
> new rule.
>
Do "man iptables" and look for the LOG target. In a nutshell, for each rule
you want to log you create an identical rule except the target is LOG. Put
that rule right before the one you want to watch. When a packet matches it
first gets logged and then goes back to where it was and checks the next rule.
--
Terry Layne
Portland, OR
More information about the PLUG
mailing list