how to log dropped packet
Aleksandar Milivojevic
amilivojevic at pbl.ca
Tue Sep 28 16:21:26 CEST 2004
hamals at infinito.it wrote:
>
> hello
>
> I wrote all my firewall rules, and now I would like to log all packets
> that will be dropped by my policy rule..
>
> ..how can I do it?
>
> what kind of rules do I need?..and where have I to write them?
Use the LOG target.
However, if this is your firewall host toward the Internet, are you sure you
want to log *everything* that is dropped? There are so many worms and
automatic scanning tools out there that your logs will get *huge* with
nothing but crap very fast. This is especially true for Windows-specific
TCP and UDP ports. Anything that might be interesting will get
completely lost in all that noise.
--
Aleksandar Milivojevic <amilivojevic at pbl.ca> Pollard Banknote Limited
Systems Administrator 1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
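
An added example, not part of the original post: one way to apply the LOG target at the end of a chain whose policy is DROP while keeping the noise described above out of syslog. The port list, rate limit, log prefix and the helper name log_drop_rules are assumptions chosen for illustration; the script only prints the iptables commands so they can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example (illustrative, not from the original post).
# Assumes the chains already have policy DROP and all ACCEPT rules are in place.

# Assumed noise list: Windows RPC / NetBIOS / SMB ports hit constantly by scanners.
NOISY_PORTS="135,137,138,139,445"
RATE="5/min"    # assumed sustained log rate
BURST="10"      # assumed initial burst before the rate limit applies

# Print the rules for one chain. They use -A (append) so they sit after every
# existing rule: only packets about to fall through to the policy reach them.
log_drop_rules() {
    chain=$1
    prefix="DROP $chain: "
    # The LOG target's --log-prefix accepts at most 29 characters.
    if [ "${#prefix}" -gt 29 ]; then
        echo "log prefix for chain '$chain' exceeds 29 characters" >&2
        return 1
    fi
    for proto in tcp udp; do
        # Discard the noisy ports silently, before the LOG rule can see them.
        printf 'iptables -A %s -p %s -m multiport --dports %s -j DROP\n' \
            "$chain" "$proto" "$NOISY_PORTS"
    done
    # LOG is non-terminating: after logging, the packet continues to the end
    # of the chain and is dropped by the policy. The limit match caps log volume.
    printf 'iptables -A %s -m limit --limit %s --limit-burst %s -j LOG --log-prefix "%s" --log-level 4\n' \
        "$chain" "$RATE" "$BURST" "$prefix"
}

# Emit rules for the chains that face untrusted traffic.
for c in INPUT FORWARD; do
    log_drop_rules "$c"
done
```

Logged packets then appear in the kernel log with the "DROP INPUT: " or "DROP FORWARD: " prefix, which makes them easy to filter out with grep.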