![]() So in essence we change the -j DROP to the 4 lines in bold so that we have logging.Ĭhecking dmesg or /var/log/messages should show similar to the following: ![]() Drop all packets in the LOGGING Chain -A LOGGING -j DROP.Log all packets that are about to dropped with prefix "ipt denied:" (of course change it how you like) -A LOGGING -j LOG -log-prefix "ipt denied: " -log-level 4.We are then passing all of our packets to that chain.We create a new chain called "LOGGING" -N LOGGING.A LOGGING -j LOG -log-prefix "ipt denied: " -log-level 4Īdd the above in bold below your last allowed incoming traffic rule and all dropped packets can be seen in dmesg or /var/log/messages ![]() A INPUT -m state -state RELATED,ESTABLISHED -j ACCEPT A lot of people just have a -j DROP to drop all unwanted traffic or traffic not explicitly allowed but there is a better solution if you want real and proper logging:
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |