Re: Log every package incoming and outcoming.

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Linux mailbox Openware <linux@openware.nl>
To: Hyper@ubn.dk, netfilter@lists.netfilter.org
Subject: Re: Log every package incoming and outcoming.
Date: Fri, 20 Aug 2004 14:18:27 +0200	[thread overview]
Message-ID: <2004820141827.291870@icarus> (raw)
In-Reply-To: <49885.80.164.248.134.1093000650.squirrel@krank.darknet.dk>

Op %verzonden%, schreef %afzender%:
> Oki cool. Is it possible to specife the location of the log files?
> and how?

Example:

echo "Logging..."
iptables -t filter -A INPUT -j LOG --log-prefix "fw input: "
iptables -t filter -A OUTPUT -j LOG --log-prefix "fw output: "
iptables -t filter -A FORWARD -j LOG --log-prefix "fw forward: "

Logging can be monitored in /var/log/messages with fw input, fw output and fw forward as
a marker

Greetings,

Jan Rozema


>
>
>> On Fri, Aug 20, 2004 at 12:32:24PM +0200, Thomas Kristensen wrote:
>>
>>
>>> i dont want a full system setup, i just need somekind og modul
>>> for iptables, or a conf for iptables to log every thing. The
>>> problem is if i set a rule, iptables will stop at a matching
>>> rule, and therefor i cant set a log rule in the end for alle
>>> chains.
>>>
>>>
>>> Any ideas?
>>>
>>
>> Start all your chains with a LOG rule.  Netfilter logs the packet
>> and then passes it on to the next rule, so you'll get your
>> matches, but the packet will continue to be processed.
>>
>> Why do you have to check every packet though?  If this is just to
>> see who is using your servers the daemons themselves probably
>> keep adequate logs.
>>
>>
>> --
>> "I think a church with a lightning rod shows a decided lack of
>> confidence"
>
>
> ----------------------------------------------
> DarkNet Webmail -http://webmail.darknet.dk

next prev parent reply	other threads:[~2004-08-20 12:18 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-08-20 10:32 Log every package incoming and outcoming Thomas Kristensen
2004-08-20 10:41 ` Nick Drage
2004-08-20 11:17   ` Thomas Kristensen
2004-08-20 12:09     ` Nick Drage
2004-08-20 12:18     ` Linux mailbox Openware [this message]
2004-08-23 14:53 ` Aleksandar Milivojevic

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2004820141827.291870@icarus \
    --to=linux@openware.nl \
    --cc=Hyper@ubn.dk \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.