Hello Juan Carlos,

On 2003-12-31 01:41:07, Juan Carlos Inostroza wrote:
>
>On Tue, 30 Dec 2003 18:01:02 +0100, Michelle Konzack
><[EMAIL PROTECTED]> wrote :
>> Q 3: Is there a way in iptables to log the Stuff
>>      to another File as syslog ?
>>      e.g. /var/log/ipt_reject
>
>I guess not.

Found: TARGET ULOG

>But, to log all matching packets, from the iptables man page:
>
>  This is a "non-terminating target",
>  i.e. rule traversal continues at the next rule. So if you
>  want to LOG the packets you refuse, use two separate rules
>  with the same matching criterias, first using target LOG
>  then DROP (or REJECT).
>
>in plain english (by example, port 445, tcp)
>
>iptables -N port445
>iptables -A port445 -j LOG

This is for logging in syslog...
I have installed the 'ulogd' and if I use the target ULOG
I have a separated LOGFILE.

>iptables -A port445 -j DROP
>iptables -P port445 -j DROP
>
>iptables -A INPUT -p tcp --dport 445 -j port445

Now I understand a little bit better, how "-j ..." is working...

>--jci

Greetings
Michelle

--
Registered Linux-User #280138 with the Linux Counter, http://counter.li.org.
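An added example, not part of the original message: the port445 chain from the thread written with the ULOG target in place of LOG, plus a small check that the logging rule sits before the terminating DROP. The netlink group number, the prefix text and the function names `gen_rules` and `log_precedes_drop` are assumptions made for illustration; ulogd has to listen on the same group.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed values, adjust to your setup:
NLGROUP=1                # netlink group ulogd is configured to listen on
PREFIX="ipt_reject: "    # label written in front of each logged packet

# Emit the chain in iptables-restore format.
# ULOG is non-terminating like LOG, so traversal continues to the DROP rule.
# No -P line: a policy can be set only on built-in chains, so the final
# DROP rule is what ends the user-defined chain.
gen_rules() {
    cat <<EOF
*filter
:port445 - [0:0]
-A port445 -j ULOG --ulog-nlgroup ${NLGROUP} --ulog-prefix "${PREFIX}"
-A port445 -j DROP
-A INPUT -p tcp --dport 445 -j port445
COMMIT
EOF
}

# Read rules on stdin; return 0 only if chain $1 has a LOG/ULOG rule before
# its first DROP/REJECT. A log rule placed after the terminating target is
# never reached, so the packets would be dropped without a record.
log_precedes_drop() {
    awk -v chain="$1" '
        $1 == "-A" && $2 == chain && !done {
            t = ""
            for (i = 3; i < NF; i++) if ($i == "-j") t = $(i + 1)
            if (t == "LOG" || t == "ULOG") logged = 1
            if (t == "DROP" || t == "REJECT") { ok = logged; done = 1 }
        }
        END { exit(ok ? 0 : 1) }
    '
}

# Load the rules only when called as "script apply" (needs root).
if [ "${1:-}" = "apply" ]; then
    gen_rules | log_precedes_drop port445 || { echo "log rule missing" >&2; exit 1; }
    gen_rules | iptables-restore --noflush
fi
```

Without the `apply` argument the script changes nothing; `gen_rules` can be called on its own to review the rules first.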

