I need to log iptables to see what ports are being dropped. I followed this article and several others I looked at via Google, but it's still not working.
I added the following entry to my /etc/sysconfig/iptables file just before the last COMMIT line:
Code:
-A RH-Firewall-1-INPUT -p tcp --dport 443 -j ACCEPT #example#
-A RH-Firewall-1-INPUT -j LOG
COMMIT
I've also tried it as shown:
Code:
-A RH-Firewall-1-INPUT -p tcp --dport 443 -j ACCEPT #example#
#log
-A RH-Firewall-1-INPUT -j LOG
#drop all other packets
-A RH-Firewall-1-INPUT -j DROP
COMMIT
My problem is when I got to /var/log/messages I don't see it logging anything whatsoever from iptables.
I also added the following to /etc/syslog.conf:
Code:
kern.* /var/log/debug
Still no matter what I do no information shows up in any log files, and I've tried numerous ports on this host that I know aren't opened in iptables from another test host in hopes that I would see it logging the dropped connection attempts, but nothing I've done will log anything whatsoever.
I've also tried using this article for advise, but still nothing I do works: Example iptables firewall
Any advise would be greatly appreciated. This is on Red Hat Enterprise 5.7. Every time I make these changes I of course restart the iptables and syslog services.
That fixed it. I just wasn't putting the logging up high enough in the iptables file. Thanks for the tip!
By the way, What entry would work in the /etc/syslog.conf file to capture all iptables logs to a separate log file? That way I can keep my firewall and system logs separate.
When unlocking a Linux server's console there's no event indicating successful logging
Is there a way I can fix this ?
I have the following in my rsyslog.conf
auth.info /var/log/secure
authpriv.info /var/log/secure (1 Reply)
Discussion started by: walterthered
1 Replies
2. Post Here to Contact Site Administrators and Moderators
Hi Everyone. First, I want to thank all of you for letting me participate in this great group.
I am having a bit of a problem.
After I get an email from a responder, I login to make my reply.
In the mean time I get another response by email from another member, I go to reply to them and I... (6 Replies)
Hi all
Can anyone tell me how to login inot telnet,i heard that it is an interface between unix and windows,if i am wrong please correct me.
Thanks in anticipation (1 Reply)
Hi
How to manage logging in an application.
Actually I am developing a Client-Server application in c/c++ and want to manage an optional logging in my application, but since prior I have never done ths activity.
Plz guide me.
thanks. (2 Replies)
Hi all!
On our current Solaris 8 machine we only have "standard" logging configured, and now i need to put on more. What i specificly need is time in the logfiles. Ex. When a user is logging in,
when a user makes it self SU. etc.
Regards...
dOzY (3 Replies)
Hi, just wriiten a sh script and as my script will try to log into another server to delete some files but when i run , it keeps on saying that my files do not exist. It seems to refer to my local directory instead. Below is my script :
FTP_HOST=ip_number
FTP_USER="user password"
... (1 Reply)
Is there a file that captures info whenever someone logs to su? i know it comes across as standard output on the server, but is it saved anywhere? Time and date info included??
thanks, kym (1 Reply)
is there a log/ how do i make a log that logs every packet inbound or outbound through my server?
I want every packet or packet fragment to be logged that comes to my server. (5 Replies)
G'day
Just wondering if anyone out there knows how to log files, using the example I provided in the earlier message / question earlier today:
:confused:
If I was to backup a file, how could I setup a log file to record the filename, date (This one I've got figured), and that the file was... (4 Replies)
I have a SCO R5 Open Server Box running at a remote location, and from time to time it seems to "spontaneously" re-boot itself. Is there a specific log file that I can examine to see why the machine is doing this ? Any suggestions gratefully appreciated (1 Reply)
