On Sat, 23 Nov 2002 [EMAIL PROTECTED] wrote: > > I have activated the firewall for my machine through > setup->firewall configuration menu. Now, I know it's working > because I did a probe on may machine a www.grc.com before and > after enabling the firewall, before the activation of the > firewall some ports were just "closed" now all the tested ports > were "stealth", so the firewall works. > > My problem is that scanning attempts don't seem to be logged. > Were are these scans logged by the firewall and what should I do > (if anything) to start logging them ? > To verify that it's ipchains you're running, check that you have a file /etc/sysconfig/ipchains, which is what is used to setup the rules when ipchains is started, or do "ipchains -L" (to list the ipchains rules currently in the kernel). To get logging messages on connection attempts that are denied or rejected, edit /etc/sysconfig/ipchains so that the corresponding lines with "-j DENY" or "-j REJECT" also have "-l" (that's lower case L). See "man ipchains". Then do "service ipchains restart". But before you edit /etc/sysconfig/ipchains, it would be a good idea to save the current version somewhere so that it can be restored if necessary. > And another question, does the forewall setup tool from rh 7.1 > use iptables or ipchains ? > > > >
-- Steven Yellin _______________________________________________ Seawolf-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/seawolf-list