how to log dropped packet

Aleksandar Milivojevic amilivojevic at
Tue Sep 28 16:21:26 CEST 2004

hamals at wrote:
> hello
> I wrote all my firewall rules, and now I would like to log all packets 
> that will be dropped by my policy rule..
> can I do it?
> what kind of rules do I need?..and where do I have to write them?

Use the LOG target.

However, if this is your firewall host toward Internet, are you sure you 
want to log *everything* that is dropped?  There are so many worms and 
automatic scanning tools out there that your logs will get *huge* with 
nothing but crap very fast.  This is especially true for Windows-specific 
TCP and UDP ports.  Anything that might be interesting will get 
completely lost in all that noise.

Aleksandar Milivojevic <amilivojevic at>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7
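
The following sketch is an added example, not part of the original message: it appends a rate-limited LOG rule to the end of each chain whose policy is DROP, after silently discarding the Windows port noise the reply warns about. The chain names, port lists, rate limits and log prefix are assumptions; by default the commands are only printed (dry run).

```shell
#!/bin/sh
# Added example, not from the original post.
# Dry run by default: commands are printed. Set IPT=iptables (as root) to apply.
IPT="${IPT:-echo iptables}"

# Assumptions: chains with a DROP policy, and a list of ports treated as noise.
CHAINS="${CHAINS:-INPUT FORWARD}"
NOISY_TCP="${NOISY_TCP:-135,139,445}"   # Windows RPC / NetBIOS / SMB
NOISY_UDP="${NOISY_UDP:-137,138}"       # NetBIOS name and datagram services

log_policy_drops() {
    for chain in $CHAINS; do
        # Drop well-known scan noise first so it never reaches the LOG rule.
        $IPT -A "$chain" -p tcp -m multiport --dports "$NOISY_TCP" -j DROP
        $IPT -A "$chain" -p udp -m multiport --dports "$NOISY_UDP" -j DROP

        # LOG is a non-terminating target: the packet is logged and then
        # continues past this rule to the end of the chain, where the DROP
        # policy applies. The limit match caps how fast the log can grow.
        $IPT -A "$chain" -m limit --limit 10/min --limit-burst 20 \
            -j LOG --log-prefix "fw-drop-$chain: " --log-level 4
    done
}

# These rules must be appended after all ACCEPT rules are already in place,
# otherwise traffic that would later be accepted is logged (or dropped) too.
log_policy_drops
```

Logged packets show up in the kernel log with the `fw-drop-<chain>: ` prefix, which makes them easy to filter or route to a separate file.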
