Bill grabbed a keyboard and wrote: > > You can look on the web for iptables log which is where I found what I > use. > > -A INPUT -i eth0 -p udp -m limit --limit 10/hour -j LOG --log-prefix > "IPTABLES UDP-IN: "
Ah, ok. Now I see what I was doing wrong. I am trying to use "-j REJECT" because I want to reject the packet. I also want to log it. However, I see that my problem was that I was trying to do a "-j REJECT LOG --log-prefix ..." on the command, which resulted in my getting an error message. Apparently you can't specify both. Tell me, if I do it as *two* commands, one with "-j REJECT" and one with "-j LOG", will *both* rules fire when an offending packet comes in? I.E., will it reject the packet and then log it? Or will it only act on whatever rule was entered first/last? > I also use colorlogs.pl to colorize my log while I am using tail -f this > way I can see when I get a hit for iptables. I have it set for bright red > and if someone logs in as root it set as blinking bright red That sounds like a useful utility. Where can I get it? Thanks for the info! --Dave
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com