iptables logging
Networkcart


Joined: 14 Nov 2007
Posts: 1
Fedora Core release 4


Is there any reason iptables would not log to /var/log/firewall (or any other log file) on a virtual root account?

I've been all over this.

Thanks Guys


Randy
vgerbino


Joined: 02 Mar 2007
Posts: 5
You have to tell the iptables rule to actually log somewhere. The default location will be /var/log/messages.

You can modify this by adding a line like this to the /etc/syslog.conf file:

Code:
kern.warning -/var/log/firewall


Restart syslog for this change to take effect:

Code:
# /etc/init.d/syslog restart
Shutting down kernel logger:                               [PASSED]
Shutting down system logger:                               [  OK  ]
Starting system logger:                                    [FAILED]
Starting kernel logger:                                    [PASSED]


Then, you can set up your firewall rules, but you still have to tell it which ones to actually log. For example:

Code:
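# -I without a position inserts at the top, so give explicit positions: LOG must come before ACCEPT
iptables -I INPUT 1 -p tcp --dport 21 -j LOG
iptables -I INPUT 2 -p tcp --dport 21 -j ACCEPT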


This will log all packets that match for FTP traffic, and the 2nd rule lets the traffic in. If you receive this error:

Code:
# iptables -I INPUT -p tcp --dport 21 -j LOG
iptables: No chain/target/match by that name


It means it won't work. I haven't seen anyone specifically ask about this before, so I honestly don't know if the necessary libraries for iptables for logging are installed and activated on the FC4 VPSs.
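
The three things the answer above depends on (the LOG target being available, syslog routing kernel warnings to a file, and the LOG rule sitting ahead of the ACCEPT rule) can be checked with a short script. This is an added example, not part of either post; the function names and sample inputs are constructed, and /proc/net/ip_tables_targets lists a target only once the module providing it is loaded.

```shell
#!/bin/sh
# Added example, not from the thread. Each check reads a file, so it can be run
# on copies; on the server the inputs are /proc/net/ip_tables_targets,
# /etc/syslog.conf and the saved output of iptables-save.

# True if the kernel lists LOG among its loaded iptables targets.
log_target_loaded() {
    grep -qx 'LOG' "$1" 2>/dev/null
}

# Print the files that receive kernel messages at level warning, the LOG
# target's default level. "=pri" and "!pri" selectors are not handled.
kern_warning_files() {
    awk '
    BEGIN { split("emerg panic alert crit err error warning warn notice info debug *", n, " ")
            split("0 0 1 2 3 3 4 4 5 6 7 7", v, " ")
            for (i in n) rank[n[i]] = v[i] + 0 }
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    { hit = 0; m = split($1, sel, ";")
      for (i = 1; i <= m; i++) {
          f = sel[i]; sub(/\.[^.]*$/, "", f)      # facility list, e.g. "kern" or "*"
          p = sel[i]; sub(/^.*\./, "", p)         # priority, e.g. "warning"
          if (("," f ",") !~ /,(kern|\*),/) continue
          if (p == "none") hit = 0                # later selectors override earlier ones
          else if (p in rank) hit = (rank[p] >= 4)
      }
      if (hit && $2 ~ /^-?\//) { sub(/^-/, "", $2); print $2 } }' "$1"
}

# True if the first INPUT rule for this TCP destination port is a LOG rule,
# i.e. packets reach LOG before a terminating target such as ACCEPT.
log_rule_first() {
    first=$(awk -v port="$2" '
        $1 == "-A" && $2 == "INPUT" && $0 ~ ("--dport " port "( |$)") {
            for (i = 1; i < NF; i++) if ($i == "-j") { print $(i + 1); exit }
        }' "$1")
    [ "$first" = "LOG" ]
}

# Constructed sample inputs (not taken from a real host).
tmp=$(mktemp -d)
printf 'REJECT\nLOG\n' > "$tmp/targets"
printf '*.info;kern.none\t/var/log/messages\nkern.warning\t-/var/log/firewall\n' > "$tmp/syslog.conf"
printf -- '-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT\n-A INPUT -p tcp -m tcp --dport 21 -j LOG\n' > "$tmp/rules"

log_target_loaded "$tmp/targets" && echo "LOG target: present"
echo "kernel warnings go to: $(kern_warning_files "$tmp/syslog.conf")"
log_rule_first "$tmp/rules" 21 || echo "port 21: ACCEPT matches before LOG, nothing is logged"
rm -rf "$tmp"
```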