Re: Logging

On Tue, Jan 14, 2003 at 01:23:10PM -0500, Subba Rao wrote:
> --------------------
> iptables -A INPUT -i $EXTERNAL_IF -p tcp --destination-port 25 -j LOG \
>                 --log-level 4 --log-prefix "Incoming Mail Traffic "
> iptables -A INPUT -i $EXTERNAL_IF -p tcp --destination-port 25 -j ACCEPT
> --------------------
> 
> The default policy on the INPUT chain is to drop the packets.  How do I capture
> what is being dropped?

  iptables -A INPUT -i $EXTERNAL_IF -j LOG --log-level 4 \
  	--log-prefix "Dropped Incoming "

Remember a LOG target simply LOGs then returns, so it'll still drop
through to the policy after this.

> My goal is to log the inbound traffic and my syslog has the following
> configuration:
> 
> --------------------
> *.=info;*.=notice;mail.none                     /usr/adm/messages
> *.=alert                                        /usr/adm/messages
> *.=crit                                         /usr/adm/debug
> mail.*                                          /var/log/mail-log
> kern.*                                          /var/log/messages

   All iptables -j LOG goes to kern.*, so you should see it in your
/var/log/messages.  You could also use --log-level 7 (DEBUG) instead
and:

kern.=debug			/var/log/iptables

Note you _CAN_ also do --log-level debug to make things clearer.

HTH,

-Ath
-- 
- Athanasius = Athanasius(at)miggy.org / http://www.miggy.org/
                  Finger athan(at)fysh.org for PGP key
	   "And it's me who is my enemy. Me who beats me up.
Me who makes the monsters. Me who strips my confidence." Paula Cole - ME
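
With both LOG rules from this thread in place, entries can be told apart by their --log-prefix. The following is an added example, not part of the original message: it tallies "Dropped Incoming" entries by source, protocol and destination port. The log lines are constructed samples in the LOG target's KEY=value layout, and the function names are hypothetical.

```python
import re
from collections import Counter

# Prefixes set with --log-prefix by the two LOG rules in this thread.
PREFIXES = ("Incoming Mail Traffic ", "Dropped Incoming ")
FIELD_RE = re.compile(r"(\w+)=(\S*)")

# Constructed sample lines (abbreviated KEY=value layout of the LOG target;
# host name and addresses are documentation values, not real traffic).
SAMPLE_LOG = """\
Jan 14 13:30:01 fw kernel: Incoming Mail Traffic IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=40112 DPT=25 SYN
Jan 14 13:30:02 fw sendmail[812]: constructed non-kernel line
Jan 14 13:30:05 fw kernel: Dropped Incoming IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 PROTO=TCP SPT=51000 DPT=23 SYN
Jan 14 13:30:06 fw kernel: Dropped Incoming IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 PROTO=TCP SPT=51000 DPT=23 SYN
Jan 14 13:30:09 fw kernel: Dropped Incoming IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 PROTO=TCP SPT=51001 DPT=22 SYN
Jan 14 13:30:12 fw kernel: Dropped Incoming IN=eth0 OUT= SRC=192.0.2.99 DST=198.51.100.5 PROTO=ICMP TYPE=8 CODE=0
Jan 14 13:30:15 fw kernel: eth0: constructed unrelated kernel message
"""


def parse_line(line):
    """Return (prefix, fields) for a LOG entry, or None for any other line."""
    _, sep, msg = line.partition("kernel: ")
    if not sep:
        return None
    for prefix in PREFIXES:
        if prefix in msg:
            rest = msg.split(prefix, 1)[1]
            return prefix.strip(), dict(FIELD_RE.findall(rest))
    return None


def summarize_drops(log_text):
    """Count 'Dropped Incoming' entries per (source, protocol, dest port)."""
    drops = Counter()
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None or parsed[0] != "Dropped Incoming":
            continue
        fields = parsed[1]
        # ICMP entries carry TYPE/CODE rather than SPT/DPT, so DPT may be absent.
        key = (fields.get("SRC", "?"), fields.get("PROTO", "?"), fields.get("DPT", "-"))
        drops[key] += 1
    return drops


if __name__ == "__main__":
    for (src, proto, dpt), count in summarize_drops(SAMPLE_LOG).most_common():
        print(f"{count:4d}  {src:15s} {proto:5s} dpt={dpt}")
```

To use it on real data, pass the contents of whichever file syslog writes kern messages to, such as the /var/log/iptables target suggested above.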
