how to log dropped packet
amilivojevic at pbl.ca
Tue Sep 28 16:21:26 CEST 2004
hamals at infinito.it wrote:
> I wrote all my firewall rules, and now I would like to log all packets
> that will be dropped by my policy rule..
> ..how can I do it?
> what kind of rules do I need?..and where have I to write them?
Use the LOG target.
However, if this is your firewall host toward the Internet, are you sure you
want to log *everything* that is dropped? There are so many worms and
automatic scanning tools out there that your logs will get *huge* with
nothing but crap very fast. This is especially true for Windows-specific
TCP and UDP ports. Anything that might be interesting will get
completely lost in all that noise.
Aleksandar Milivojevic <amilivojevic at pbl.ca> Pollard Banknote Limited
Systems Administrator 1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
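
An added example, not part of the original message: one way to apply the advice above, with a rate-limited LOG rule placed just before the chain's DROP policy and the noisiest ports dropped silently first. The function name, the log prefix, the default rate and the port lists (135, 137-139 and 445 standing in for the "Windows specific" ports) are assumptions; the script only prints the iptables commands so they can be reviewed first.

```shell
#!/bin/sh
# Added example: generate rules that log packets about to hit a DROP policy.
# Nothing is applied here; the commands are printed for review.

# Assumption: ports treated as Windows scan noise (RPC, NetBIOS, SMB).
NOISY_TCP="135,139,445"
NOISY_UDP="135,137,138"

# gen_log_rules CHAIN [RATE] [BURST]
# Append the output after all of your ACCEPT rules, so that only packets
# that would fall through to the chain policy ever reach the LOG rule.
gen_log_rules() {
    chain=$1
    rate=${2:-6/minute}
    burst=${3:-10}
    case $chain in
        INPUT|FORWARD|OUTPUT) ;;
        *) echo "unsupported chain: $chain" >&2; return 1 ;;
    esac
    # 1. Drop the noisy ports silently, before they can reach the LOG rule.
    printf '%s\n' "iptables -A $chain -p tcp -m multiport --dports $NOISY_TCP -j DROP"
    printf '%s\n' "iptables -A $chain -p udp -m multiport --dports $NOISY_UDP -j DROP"
    # 2. Log whatever is left, rate-limited so a scan cannot flood syslog.
    #    LOG is a non-terminating target: after logging, the packet moves on
    #    and is dropped by the chain policy (iptables -P <chain> DROP).
    printf '%s\n' "iptables -A $chain -m limit --limit $rate --limit-burst $burst -j LOG --log-prefix \"DROP-$chain: \" --log-level 4"
}

# Show the rules for the two chains a gateway firewall normally filters on.
gen_log_rules INPUT
gen_log_rules FORWARD
```

Once the printed rules look right, pipe the output to sh as root. The logged lines can then be found by their prefix, e.g. grep 'DROP-INPUT: ' in the kernel log.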