hi, 2011/4/1 Flavio A. Reis <[email protected]>: > Hello, > friends, you can log into all that iptables is being blocked without logging > rules ACCEPT. > Example: > My Firewall has only opened the ports (80, 443, 53). > You can log all other connection attempts? > Thanks > att
sure. - Set Default Policy for INPUT to DROP - Create Rule for ACCEPT 80,443,53 - Append logging Rule (if the packets end here, it will be dropped); maybe with Prefix "DROP:" - change logrotate rules (you will get a lot of log entries). Greetings, Björn -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
