ubuntu-users Digest, Vol 104, Issue 43
dave perry
skidavem at mindspring.com
Wed Apr 10 13:41:41 UTC 2013
On 04/10/2013 01:10 AM, JD wrote:
> Hi all iptables gurus,
>
> In /etc/iptables, I only allow in established connections(whicih I
> connect to
> from my machine to the internet at large).
>
> All others:
>
> # Log and drop the rest
> #
> -A INPUT -j LOG --log-level 7 --log-prefix "Dropped by firewall: "
>
> But, I do not see the log of dropped connectionrequests,
> even though, my router's log shows numerous incoming
> connections from ip addresses from all over the world.
> When I dig these ip addresses, most of them do not map
> onto a domain name.
>
> When I run
> iptables -L -n
>
> it indeed shows the rules I have in /etc/iptables
>
> So, what do I need to do to force the kernel to log DROPPED
> incoming requests?
>
>
I believe your iptables log entries are logged in /var/log/syslog.
This link shows you how to use rsyslog to set up and manage separate
iptables.log files.
http://blog.shadypixel.com/log-iptables-messages-to-a-separate-file-with-rsyslog/
More information about the ubuntu-users
mailing list