how to log dropped packet

Aleksandar Milivojevic amilivojevic at pbl.ca
Tue Sep 28 16:21:26 CEST 2004


hamals at infinito.it wrote:
> 
> hello
> 
> I wrote all my firewall rules, and now I would like to log all packets 
> that will be dropped by my policy rule.
> 
> How can I do it?
> 
> What kind of rules do I need, and where do I have to write them?

Use the LOG target.

However, if this is your firewall host toward the Internet, are you sure you 
want to log *everything* that is dropped?  There are so many worms and 
automatic scanning tools out there that your logs will get *huge* with 
nothing but crap very fast.  This is especially true for Windows-specific 
TCP and UDP ports.  Anything that might be interesting will get 
completely lost in all that noise.

-- 
Aleksandar Milivojevic <amilivojevic at pbl.ca>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7
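
The approach from the reply above, as an added example that is not part of the original message: a LOG rule placed just before the DROP policy takes effect, with the noisiest traffic dropped silently first and the rest rate-limited. It assumes IPv4 iptables, an INPUT chain whose ACCEPT rules are already loaded, and that "Windows-specific ports" means 135, 137-139 and 445; the port list, the 5/min limit and the `INPUT-DROP: ` prefix are choices made for this example.

```shell
#!/bin/sh
# Added example: log packets that fall through to the INPUT DROP policy.
# Dry run by default (prints the commands); set IPT=iptables and run as root to apply.
IPT="${IPT:-echo iptables}"

log_dropped_rules() {
    # 1. Drop scanner/worm noise on Windows RPC/NetBIOS/SMB ports without logging.
    #    (Assumed port list; adjust to what actually floods your logs.)
    $IPT -A INPUT -p tcp -m multiport --dports 135,139,445 -j DROP
    $IPT -A INPUT -p udp -m multiport --dports 137,138 -j DROP

    # 2. Log whatever is still unmatched. LOG is a non-terminating target, so the
    #    packet continues to the end of the chain. The limit match caps the log
    #    volume at 5 entries per minute after an initial burst of 10.
    $IPT -A INPUT -m limit --limit 5/min --limit-burst 10 \
         -j LOG --log-prefix "INPUT-DROP: " --log-level 4

    # 3. The policy drops everything that reached the end of the chain.
    $IPT -P INPUT DROP
}

log_dropped_rules
```

Because the rules are appended with `-A`, they must be loaded after all ACCEPT rules; otherwise accepted traffic would never reach those rules and everything else would be logged or dropped too early.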


