iptables log and deny rule set

Adalbert Prokop adalbert.prokop at gmx.de
Thu Jun 21 08:26:56 UTC 2007

ann kok wrote on Wednesday 20 June 2007:

> Could you give me some rule examples?

iptables -A INPUT -s <bad_ip> -j LOG -m limit --limit 1/minute
iptables -A INPUT -s <bad_ip> -j REJECT

That will log and block packets from <bad_ip>, limiting logging to one 
entry per minute.

> I am not familiar with iptables?

I hope you are familiar with IP traffic basics and packet filtering?...

# man iptables

gives you a lot of information - in case you know network basics.

> Where is the location of the log file?

By default: /var/log/messages, but you can change the logging facility.
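Added example, not part of the original message: a shell function that summarises the kernel entries written by the LOG rule above, per source address, protocol and destination port. The function names and the sample log lines are constructed for illustration (addresses come from documentation ranges), and it assumes the usual syslog layout of LOG target entries.

```shell
#!/bin/sh
# Added example: summarise iptables LOG entries found in a syslog file.
# sample_log and summarize_log are hypothetical helper names.

# Constructed sample of /var/log/messages content (not real traffic).
sample_log() {
cat <<'EOF'
Jun 21 08:20:01 host kernel: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=40112 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 21 08:21:03 host kernel: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP SPT=40113 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 21 08:21:40 host sshd[2211]: Failed password for root from 203.0.113.7 port 40113 ssh2
Jun 21 08:22:05 host kernel: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4713 DF PROTO=TCP SPT=40114 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 21 08:23:10 host kernel: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=84 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=1234 SEQ=1
Jun 21 08:24:15 host kernel: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=198.51.100.9 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=99 PROTO=UDP SPT=5353 DPT=53 LEN=40
EOF
}

# summarize_log FILE
# Prints "count source protocol dest-port", highest count first.
# Only kernel lines carrying SRC= are counted, so other daemons' lines
# that mention the same address (sshd above) are ignored.
# Protocols without ports (ICMP) get "-" as the port.
summarize_log() {
    awk '
    / kernel: / && / SRC=/ {
        src = proto = dpt = "-"
        for (i = 1; i <= NF; i++) {
            if      ($i ~ /^SRC=/)   src   = substr($i, 5)
            else if ($i ~ /^PROTO=/) proto = substr($i, 7)
            else if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
        }
        seen[src " " proto " " dpt]++
    }
    END { for (k in seen) print seen[k], k }' "$1" | sort -k1,1nr -k2
}

# Demo on the constructed sample; on a real host pass /var/log/messages.
log=$(mktemp) && sample_log > "$log" && summarize_log "$log"
rm -f "$log"
```

Because the LOG rule is rate-limited to one entry per minute, these counts are a lower bound on what the REJECT rule actually blocked.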

