iptables logging

June 7, 2014 2.5k

By:

francly

Hi, I have centos 6.5 64bit running with this iptables rule, I would to logging all the drop packet on the input chain to a separate log file to review, please guide me how to do that, thanks # Generated by iptables-save v1.4.7 on Sat Jun 7 00:56:05 2014 *filter :INPUT DROP [2:120] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [119:11746] -A INPUT -i lo -j ACCEPT -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 110 -j ACCEPT -A INPUT -p tcp -m tcp --dport 143 -j ACCEPT -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT -A INPUT -p tcp -m tcp --dport 4190 -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT -A INPUT -p tcp -m tcp --dport 20 -j ACCEPT -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT -A INPUT -p tcp -m tcp --dport 3847 -j ACCEPT -A INPUT -d x.x.x.x/32 -p icmp -m icmp --icmp-type 8 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT COMMIT # Completed on Sat Jun 7 00:56:05 2014

Share

Share your Question

iptables logging

Leave a Comment

Almost there!

Report a Bug