IPTables
Crucificator
crucificator at home.ro
Fri Oct 29 14:52:47 UTC 2004
rupesh kumar kumar wrote:
>
>Hai everybody,
>
> I wrote an IPTABLE rule which targets itself to 'LOG' i.e whichever packet matches the rule, the information about the packet is stored in LOG..
>
> Command:'iptables -A INPUT -p TCP --dport 8000 -j LOG'.
>
> can anybody suggest how to get the IPaddress and portno of the logged packet.
>
>Regards,
>Rupesh.
>
>
Mr. Rupesh,
although you didn't want to contribute to your previous thread named
"How I can send a Packet to every Body on Internet" we can answer
questions regarding the security of your box.
You could use in conjunction with that iptables command the --log-prefix
switch kinda like this:
iptables -A INPUT -p TCP --dport 8000 -j LOG --log-prefix
"crap_that_will_identify_the_log_rule"
After that you can use this command to get the entries in the syslogd log file:
cat /var/log/syslog|grep "crap_that_will_identify_the_log_rule".
The misteries involving this can be read with the command that unlocks the power of the iptables:
man iptables
More information about the redhat-list
mailing list