You can look on the web for iptables log, which is where I found what I use.

-A INPUT -i eth0 -p udp -m limit --limit 10/hour -j LOG --log-prefix "IPTABLES UDP-IN: "
-A INPUT -i eth0 -p icmp -m limit --limit 10/hour -j LOG --log-prefix "IPTABLES ICMP-IN: "
-A INPUT -i eth0 -p tcp -m limit --limit 10/hour -j LOG --log-prefix "IPTABLES TCP-IN: "
-A INPUT -i eth0 -m limit --limit 10/hour -j LOG --log-prefix "IPTABLES PROTOCOL-X-IN: "
-A OUTPUT -o eth0 -p udp -m limit --limit 10/hour -j LOG --log-prefix "IPTABLES UDP-OUT: "
-A OUTPUT -o eth0 -p icmp -m limit --limit 10/hour -j LOG --log-prefix "IPTABLES ICMP-OUT: "
-A OUTPUT -o eth0 -p tcp -m limit --limit 10/hour -j LOG --log-prefix "IPTABLES TCP-OUT: "
-A OUTPUT -o eth0 -m limit --limit 10/hour -j LOG --log-prefix "IPTABLES PROTOCOL-X-OUT: "

I also use colorlogs.pl to colorize my log while I am using tail -f; this way I can see when I get a hit for iptables. I have it set for bright red, and if someone logs in as root it is set as blinking bright red.

On Star Date Friday 29 August 2003 01:51 pm, David Guntner sent this sub-space message.
> Hi all,
>
> I'm setting up some iptables rules to block certain kinds of packets on my
> ML 9.1 machine. The man page talks about logging options to have it log to
> the syslog, but I can't seem to figure out the exact syntax to make it
> work. No matter how I try, I keep getting a bad option message in
> response. Does anyone know what the actual syntax is on an iptables
> command to have it log when that particular reject rule is fired?
>
> --Dave
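An added example, not part of the original message: a shell function that tallies the kernel log lines produced by the LOG rules above, grouped by prefix, source address, protocol and destination port. The log lines, addresses and the host name "gw" are constructed, and because each rule is limited to 10/hour the counts are a sample of the traffic, not a total.

```shell
#!/bin/sh
# Constructed sample of syslog lines in the format the kernel LOG target
# writes (documentation address ranges; host name "gw" is made up).
sample_log() {
cat <<'EOF'
Aug 29 13:51:02 gw kernel: IPTABLES TCP-IN: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=40112 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Aug 29 13:51:05 gw kernel: IPTABLES TCP-IN: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP SPT=40113 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Aug 29 13:51:09 gw sshd[812]: Failed password for root from 192.0.2.10 port 40113 ssh2
Aug 29 13:52:40 gw kernel: IPTABLES UDP-IN: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=78 TOS=0x00 PREC=0x00 TTL=110 ID=901 PROTO=UDP SPT=1026 DPT=137 LEN=58
Aug 29 13:53:11 gw kernel: IPTABLES ICMP-IN: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=84 TOS=0x00 PREC=0x00 TTL=110 ID=902 PROTO=ICMP TYPE=8 CODE=0 ID=7 SEQ=1
Aug 29 13:58:30 gw kernel: IPTABLES TCP-IN: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4790 DF PROTO=TCP SPT=40150 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
EOF
}

# Read syslog lines on stdin and print "count prefix src proto dpt",
# busiest first. Lines without an "IPTABLES <NAME>: " prefix are ignored.
summarize_iptables_log() {
    awk '
    match($0, /IPTABLES [A-Z-]+: /) {
        # Strip the leading "IPTABLES " (9 chars) and trailing ": " (2 chars).
        prefix = substr($0, RSTART + 9, RLENGTH - 11)
        src = "-"; proto = "-"; dpt = "-"   # ICMP has no DPT, so it stays "-"
        n = split(substr($0, RSTART + RLENGTH), f, " ")
        for (i = 1; i <= n; i++) {
            if (f[i] ~ /^SRC=/)        src   = substr(f[i], 5)
            else if (f[i] ~ /^PROTO=/) proto = substr(f[i], 7)
            else if (f[i] ~ /^DPT=/)   dpt   = substr(f[i], 5)
        }
        hits[prefix " " src " " proto " " dpt]++
    }
    END { for (k in hits) print hits[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

# Stand-alone run over the constructed sample; on a real system, feed it
# the file your syslog writes kernel messages to instead.
sample_log | summarize_iptables_log
```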
