Re: Logging - Athan

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Athan <netfilter@miggy.org>
To: Subba Rao <subba9@cablespeed.com>
Cc: Netfilter/Iptables Users <netfilter@lists.netfilter.org>
Subject: Re: Logging
Date: Thu, 16 Jan 2003 19:20:56 +0000	[thread overview]
Message-ID: <20030116192056.GP22487@miggy.org> (raw)
In-Reply-To: <20030114182310.GA23089@cablespeed.com>

[-- Attachment #1: Type: text/plain, Size: 1634 bytes --]

On Tue, Jan 14, 2003 at 01:23:10PM -0500, Subba Rao wrote:
> --------------------
> iptables -A INPUT -i $EXTERNAL_IF -p tcp --destination-port 25 -j LOG \
>                 --log-level 4 --log-prefix "Incoming Mail Traffic "
> iptables -A INPUT -i $EXTERNAL_IF -p tcp --destination-port 25 -j ACCEPT
> --------------------
> 
> The default policy is on the INPUT chain is to drop the packets.  How do I capture
> what is being dropped?

  iptables -A INPUT -i $EXTERNAL_IF -j LOG --log-level 4 \
  	--log-prefix "Dropped Incoming "

Remember a LOG target simply LOGs then returns, so it'll still drop
through to the policy after this.

> My goal is to log the inbound traffic and my syslog has the following
> configuration:
> 
> --------------------
> *.=info;*.=notice;mail.none                     /usr/adm/messages
> *.=alert                                        /usr/adm/messages
> *.=crit                                         /usr/adm/debug
> mail.*                                          /var/log/mail-log
> kern.*                                          /var/log/messages

   All iptables -j LOG goes to kern.*, so you should see it in your
/var/log/messages.  You could also use --log-level 7 (DEBUG) instead
and:

kern.=debug			/var/log/iptables

Note you _CAN_ also do --log-level debug to make things clearer.

HTH,

-Ath
-- 
- Athanasius = Athanasius(at)miggy.org / http://www.miggy.org/
                  Finger athan(at)fysh.org for PGP key
	   "And it's me who is my enemy. Me who beats me up.
Me who makes the monsters. Me who strips my confidence." Paula Cole - ME

[-- Attachment #2: Type: application/pgp-signature, Size: 240 bytes --]

next prev parent reply	other threads:[~2003-01-16 19:20 UTC|newest]

Thread overview: 47+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-01-14 18:23 Logging Subba Rao
2003-01-16 19:20 ` Athan [this message]
2003-01-17  4:26 ` Logging Dharmendra.T
  -- strict thread matches above, loose matches on Subject: below --
2020-03-15 13:16 Logging J.R. Oldroyd
2020-03-16 11:25 ` Logging Arti Zirk
2020-03-16 19:30 ` Logging Jason A. Donenfeld
2020-03-17  7:37   ` Logging J.R. Oldroyd
2020-03-17 18:12     ` Logging Luis Ressel
2020-03-18  8:14       ` Logging J.R. Oldroyd
2020-03-18 10:43         ` Logging Luis Ressel
2011-04-17 23:30 Logging Zenon Panoussis
2011-04-18  0:53 ` Logging Colin McCabe
2011-04-18 10:13   ` Logging Zenon Panoussis
2011-04-18 17:16     ` Logging Colin McCabe
2011-04-18 18:17       ` Logging Zenon Panoussis
2011-04-18 18:41         ` Logging Colin McCabe
2011-04-18 20:56           ` Logging Zenon Panoussis
2011-04-18 22:25             ` Logging Colin McCabe
2011-04-19  0:10               ` Logging Zenon Panoussis
2011-04-19  5:02                 ` Logging Sage Weil
2011-04-19 11:19                   ` Logging Zenon Panoussis
2011-04-19 16:27                     ` Logging Sage Weil
2005-08-11 15:49 Logging Svenne Krap
2005-08-11 20:54 ` Logging Chris Brenton
2005-08-12  6:24 ` Logging Grant Taylor
2004-04-25 15:32 logging IT Clown
2004-04-25 15:45 ` logging Antony Stone
2004-04-12  3:13 logging ip tables
2004-04-01  5:38 logging IT Clown
2004-04-06 10:26 ` logging D. Prima Prayudi
2004-03-31  9:18 logging IT Clown
2004-03-31  9:59 ` logging Mark Page
2004-03-15 15:56 Logging Hurley, Michael
2004-03-15 15:51 Logging Mario Udina
2004-03-15 16:07 ` Logging Frederic de Villamil
2004-03-15 16:08 ` Logging Antony Stone
2004-03-15 16:25 ` Logging Frank Gruellich
2004-03-15 16:36 ` Logging forum
2003-12-29 22:43 logging John T. Williams
2003-12-30  2:39 ` logging caszonyi
2003-12-30  2:44 ` logging Ray Olszewski
2003-03-24 14:02 logging Philippe Dhont   (Sea-ro)
     [not found] <20021021210421.79305.qmail@web40702.mail.yahoo.com>
2002-10-21 21:39 ` Logging Antony Stone
2002-04-10  5:46 Logging Chris Rose
2002-04-10  6:08 ` Logging Richard Adams
2002-04-10  6:36   ` Logging Chris Rose
2002-04-10 18:23     ` Logging Richard Adams

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20030116192056.GP22487@miggy.org \
    --to=netfilter@miggy.org \
    --cc=netfilter@lists.netfilter.org \
    --cc=subba9@cablespeed.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.