Logging iptables

Mike McGrath mmcgrath at iesabroad.org
Wed Dec 7 19:09:35 UTC 2005


 

> -----Original Message-----
> From: fedora-list-bounces at redhat.com 
> [mailto:fedora-list-bounces at redhat.com] On Behalf Of Gregory P. Ennis
> Sent: Wednesday, December 07, 2005 12:34 PM
> To: For users of Fedora Core releases
> Subject: Logging iptables
> 
> List,
> 
> I am working on some iptables nat forwarding logic and need 
> to be able to log failures into my /var/log/message file in a 
> RH 8.0 system.  I am using a FC4 system for a gateway 
> firewall and iptables seems to log error packets there 
> automatically.  Is there a way to do this on RH 8.0 as well?
> 
> Sorry to ask a RH question on this list, but I thought there 
> would be someone here that would know.  
> 
> Thanks,
> 
> Greg Ennis

You can do a:

iptables -A INPUT -j LOG --log-level info --log-prefix "IPTABLES DENY "

That is just one way of getting logging info out of iptables; depending
on your rules and setups, it could be different.  What types of failures
are you looking for?

	-Mike
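
Added example, not part of the original post: a shell function that summarizes the lines a LOG rule with the prefix "IPTABLES DENY " leaves in the syslog file, counting hits per source address, protocol and destination port. The sample log lines, the host name gw and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarize kernel log lines written by an iptables LOG rule
# that uses --log-prefix "IPTABLES DENY " (the prefix from the reply above).
PREFIX='IPTABLES DENY '

# Constructed sample in the format the LOG target writes through syslog.
# Host name "gw" and all addresses (documentation ranges) are made up.
sample_log() {
cat <<'EOF'
Dec  7 19:10:01 gw kernel: IPTABLES DENY IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4242 DF PROTO=TCP SPT=40000 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Dec  7 19:10:04 gw kernel: IPTABLES DENY IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4243 DF PROTO=TCP SPT=40001 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Dec  7 19:10:05 gw kernel: eth0: link up
Dec  7 19:10:09 gw kernel: IPTABLES DENY IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:03:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=78 TOS=0x00 PREC=0x00 TTL=110 ID=977 PROTO=UDP SPT=137 DPT=137 LEN=58
Dec  7 19:10:12 gw kernel: IPTABLES DENY IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=84 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
EOF
}

# Read syslog text on stdin; print "count src proto dport", busiest first.
# Packets without a port (ICMP, for example) get "-" as the port.
summarize_deny() {
    awk -v prefix="$PREFIX" '
        index($0, prefix) == 0 { next }   # line is not from our LOG rule
        {
            src = "-"; proto = "-"; dpt = "-"
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/)   src   = substr($i, 5)
                if ($i ~ /^PROTO=/) proto = substr($i, 7)
                if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
            }
            seen[src " " proto " " dpt]++
        }
        END { for (k in seen) print seen[k], k }
    ' | sort -k1,1nr -k2
}

# On a real system: summarize_deny < /var/log/messages
sample_log | summarize_deny
```

LOG is a non-terminating target, so a packet that matches it still continues to the next rule, and a rule appended with -A only sees packets that no earlier rule has already accepted or dropped.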