example;
iptables -N allow                                  # create the chain before jumping to it
iptables -A allow -p tcp -m multiport --dports http,https,domain \
         -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A allow -p udp --dport 53 -j ACCEPT      # DNS over UDP
iptables -A INPUT -j allow
iptables -A INPUT -j LOG --log-prefix "Dropped: "  # anything still here was not accepted
iptables -P INPUT DROP
You see the log via dmesg or syslog.
On 04/01/2011 04:06 PM, Bjoern Meier wrote:
Hi,
2011/4/1 Flavio A. Reis<[email protected]>:
Hello,
Friends, can you log everything that iptables is blocking, without logging
the ACCEPT rules?
Example:
My firewall has only the ports 80, 443 and 53 open.
Can you log all other connection attempts?
Thanks,
Regards
Sure.
- Set the default policy for INPUT to DROP.
- Create ACCEPT rules for ports 80, 443 and 53.
- Append a logging rule (if a packet gets this far, it will be dropped),
maybe with the prefix "DROP:".
- Change the logrotate rules (you will get a lot of log entries).
Greetings,
Björn
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: http://lists.debian.org/[email protected]
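The following script is an added example, not code posted by anyone in this thread. It carries Björn's four steps through as a single rule set (default DROP, an "allow" chain for 80/443/53, a LOG rule for everything else) and adds the two things a practitioner usually wants next: a rate limit on the LOG rule so that a port scan cannot flood syslog, and a small summariser that reads the resulting "DROP:" lines from syslog and counts them per source and destination port. The IPT variable defaults to "echo iptables" so the rules can be reviewed without root; the log lines, addresses and the 5/min limit are constructed values chosen for the example.

```shell
#!/bin/sh
# Added example (not from the thread). IPT defaults to a dry run that only
# prints the iptables commands; run with IPT=iptables as root to apply them.
IPT="${IPT:-echo iptables}"

# Emit (or apply) the rule set described in the thread:
# default DROP, a user chain "allow" for the three services, then a LOG rule
# that catches whatever was not accepted before the policy drops it.
build_rules() {
    $IPT -N allow
    $IPT -A allow -p tcp -m multiport --dports http,https,domain \
         -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
    $IPT -A allow -p udp --dport 53 -j ACCEPT
    # Accept replies to connections the host itself opened (assumption:
    # the firewall host also needs outbound traffic to work).
    $IPT -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $IPT -A INPUT -j allow
    # Rate-limit the LOG rule (constructed values: 5/min, burst 10) so a
    # scan cannot fill the disk; packets above the limit are still dropped.
    $IPT -A INPUT -m limit --limit 5/min --limit-burst 10 \
         -j LOG --log-prefix "DROP: " --log-level 4
    $IPT -P INPUT DROP
}

# Constructed sample of what syslog receives from the LOG target (not real
# data; documentation addresses from RFC 5737). The last line is unrelated
# noise that the summariser must ignore.
SAMPLE_LOG='Apr  1 16:06:01 fw kernel: DROP: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=43210 DPT=22 SYN
Apr  1 16:06:02 fw kernel: DROP: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=43211 DPT=23 SYN
Apr  1 16:06:03 fw kernel: DROP: IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.10 LEN=40 PROTO=UDP SPT=5353 DPT=161
Apr  1 16:06:04 fw sshd[123]: Accepted publickey for admin from 192.0.2.5'

# Read syslog lines on stdin and count dropped packets per source address
# and destination port. Output: "<count> <SRC> <PROTO>/<DPT>", most
# frequent first.
summarize_drops() {
    awk '/kernel: .*DROP: / {
            src = ""; proto = ""; dpt = "";
            for (i = 1; i <= NF; i++) {
                split($i, kv, "=");
                if (kv[1] == "SRC") src = kv[2];
                else if (kv[1] == "PROTO") proto = kv[2];
                else if (kv[1] == "DPT") dpt = kv[2];
            }
            if (src != "") count[src " " proto "/" dpt]++;
        }
        END { for (k in count) print count[k], k }' | sort -rn
}

# Number of distinct source addresses that reached the LOG rule.
dropped_sources() {
    summarize_drops | awk '{ print $2 }' | sort -u | wc -l | tr -d ' '
}

# Usage: "sh drop-log.sh rules" prints the rule set (dry run),
#        "grep 'DROP: ' /var/log/syslog | sh drop-log.sh summary" summarises.
case "${1:-}" in
    rules)   build_rules ;;
    summary) summarize_drops ;;
esac
```

The summariser keys on the fields the LOG target writes (SRC, PROTO, DPT), so the same awk program works on dmesg output or on a rotated syslog file; feeding it the constructed sample above yields three distinct (source, port) lines from two source addresses.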