Logging iptables

Mike McGrath mmcgrath at iesabroad.org
Wed Dec 7 19:09:35 UTC 2005


> -----Original Message-----
> From: fedora-list-bounces at redhat.com 
> [mailto:fedora-list-bounces at redhat.com] On Behalf Of Gregory P. Ennis
> Sent: Wednesday, December 07, 2005 12:34 PM
> To: For users of Fedora Core releases
> Subject: Logging iptables
> List,
> I am working on some iptables nat forwarding logic and need 
> to be able to log failures into my /var/log/message file in a 
> RH 8.0 system.  I am using a FC4 system for a gateway 
> firewall and iptables seems to log error packets there 
> automatically.  Is there a way to do this on RH 8.0 as well.
> Sorry to ask a RH question on this list, but I thought there 
> would be someone here that would know.  
> Thanks,
> Greg Ennis

You can do a:

iptables -A INPUT -j LOG --log-level info --log-prefix "IPTABLES DENY "

That is just one way of getting logging info out of iptables, depending
on your rules and setups it could be different.  What types of failures
are you looking for?


More information about the fedora-list mailing list