how to log dropped packet

Jose Maria Lopez jkerouac at bgsec.com
Tue Sep 28 16:27:44 CEST 2004


El mar, 28 de 09 de 2004 a las 12:12, hamals at infinito.it escribió:
> hello
> 
> I wrote all my firewall rules, and now I would like to log 
> all packet that will be dropped by my policy rule..
> 
> ..how can I do it?
> 
> what kind of rules do I need?..and where have I to write 
> them?
> 
> thanks

Just add at the end of your rules a rule like this:

iptables -A INPUT/OUTPUT/FORWARD -j LOG

with all the options you want to have. Then let the
default policy (DROP I suppose) act.

-- 
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac at bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"




More information about the netfilter mailing list