:msg, contains, "FW_TEST" /var/log/firewall It catches the sudo command line used to add the test rule: Oct 13 18:59:54 grid sudo: brownout : TTY=pts/1 ; PWD=/home/brownout ; USER=root ; COMMAND=/sbin/iptables -I INPUT -p tcp --dport 80 -j LOG --log-prefix FW_TEST:
but it doesn't log the connection attempt, which is correctly reported in dmesg: [65180.603408] FW_TEST: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=19095 DF PROTO=TCP SPT=60757 DPT=80 WINDOW=32792 RES=0x00 SYN URGP=0 -- rsyslog ignores iptables LOG targets https://bugs.launchpad.net/bugs/450002 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
