[olug] IPTables rejection logging.

Jeremy Bettis jeremyb at hksys.com
Tue Mar 26 19:02:16 UTC 2002


Here is a sample of what I do:

$IPTABLES -t nat -A PREROUTING -i $INET_IFACE -s 192.168.0.0/16 \
  -m limit --limit 3/minute --limit-burst 3 \
  -j LOG --log-prefix "IPT PREROUTING spoofed IP: "
$IPTABLES -t nat -A PREROUTING -i $INET_IFACE -s 192.168.0.0/16 -j DROP


The first line logs all packets from the internet on the reserved IP
range, and the second line DROPs those same packets.

The limit stuff is to keep the log file from growing too fast.  

Then I also have the default policies set to DROP and there is a LOG
rule as the last rule in each chain.
--
Jeremy Bettis, Software Development Manager
HKS Medical Information Systems, Inc.
jeremyb at hksys.com


-----Original Message-----
From: Jonathan Warren [mailto:jonwarren at cox.net] 
Sent: Tuesday, March 26, 2002 9:48 AM
To: olug at olug.org
Subject: [olug] IPTables rejection logging.

I want to add logging of denied access to my iptables rules.  Is there
anyone on this list who is able to get me started on writing iptables
rules?  Any suggestions would be useful.

-Jon Warren
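
An added example, not part of the original post or of either author's rule set: the reply's LOG-then-DROP pair wrapped in a helper, plus the default-DROP policy with a final LOG rule that the reply describes without showing. It goes beyond the post by covering all three RFC 1918 ranges. The function names, the eth0 default, the dry-run default and the use of the mangle table are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Dry run by default: the rules
# are printed. Run as root with IPTABLES=/sbin/iptables to apply them.
IPTABLES="${IPTABLES:-echo iptables}"
INET_IFACE="${INET_IFACE:-eth0}"    # assumed name of the internet-facing NIC
LIMIT="-m limit --limit 3/minute --limit-burst 3"   # same limit as the post

# Append a rate-limited LOG rule, then the DROP rule with the same match.
# usage: log_and_drop <table> <chain> <log prefix> <match arguments...>
log_and_drop() {
    table=$1; chain=$2; prefix=$3; shift 3
    # iptables accepts at most 29 characters for --log-prefix.
    if [ "${#prefix}" -gt 29 ]; then
        echo "log prefix longer than 29 characters: $prefix" >&2
        return 1
    fi
    $IPTABLES -t "$table" -A "$chain" "$@" $LIMIT -j LOG --log-prefix "$prefix"
    $IPTABLES -t "$table" -A "$chain" "$@" -j DROP
}

# Policy DROP on every filter chain plus a final rate-limited LOG rule.
# Call this after all ACCEPT rules so the LOG rule stays last in its chain.
default_drop_with_log() {
    for c in INPUT FORWARD OUTPUT; do
        $IPTABLES -P "$c" DROP
        $IPTABLES -A "$c" $LIMIT -j LOG --log-prefix "IPT $c dropped: "
    done
}

build_ruleset() {
    # Assumption: mangle PREROUTING instead of the post's nat PREROUTING,
    # because current iptables releases refuse DROP in the nat table.
    for net in 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16; do
        log_and_drop mangle PREROUTING "IPT PREROUTING spoofed IP: " \
            -i "$INET_IFACE" -s "$net" || return 1
    done
    # ... site-specific ACCEPT rules belong here ...
    default_drop_with_log
}

build_ruleset
```

Review the printed rules first; applying them without ACCEPT rules in place drops all traffic, including the session used to load them.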
