ubuntu-users Digest, Vol 104, Issue 43

dave perry skidavem at mindspring.com
Wed Apr 10 13:41:41 UTC 2013

On 04/10/2013 01:10 AM, JD wrote:
> Hi all iptables gurus,
> In /etc/iptables, I only allow in established connections(whicih I
> connect to
> from my machine to the internet at large).
> All others:
> # Log and drop the rest
> #
> -A INPUT -j LOG --log-level 7 --log-prefix "Dropped by firewall: "
> But, I do not see the log of dropped connectionrequests,
> even though, my router's log shows numerous incoming
> connections from ip addresses from all over the world.
> When I dig these ip addresses, most of them do not map
> onto a domain name.
> When I run
> iptables -L -n
> it indeed shows the rules I have in /etc/iptables
> So, what do I need to do to force the kernel to log DROPPED
> incoming requests?
I believe your iptables log entries are logged in /var/log/syslog.

This link shows you how to use rsyslog to set up and manage separate 
iptables.log files.

More information about the ubuntu-users mailing list