Re: Logging

On Tue, 2003-01-14 at 23:53, Subba Rao wrote:
> Hi
> 
> I have the following rules to allow traffic on SMTP port.
> 
> --------------------
> iptables -A INPUT -i $EXTERNAL_IF -p tcp --destination-port 25 -j LOG \
>                 --log-level 4 --log-prefix "Incoming Mail Traffic "
> iptables -A INPUT -i $EXTERNAL_IF -p tcp --destination-port 25 -j ACCEPT
> --------------------
> 
> The default policy on the INPUT chain is to drop the packets.  How do I capture
> what is being dropped?
> 
> My goal is to log the inbound traffic and my syslog has the following
> configuration:
> 
> --------------------
> *.=info;*.=notice;mail.none                     /usr/adm/messages
> *.=alert                                        /usr/adm/messages
> *.=crit                                         /usr/adm/debug
> mail.*                                          /var/log/mail-log
> kern.*                                          /var/log/messages
> user.*                                          /var/log/messages
> syslog.*                                        /var/log/messages
> auth.*                                          /var/log/messages
> authpriv.*                                      /var/log/messages
> --------------------
> 
> Is this configuration sufficient to capture the inbound connections?
> 
> -- 
> 
> Subba Rao
> subba9@cablespeed.com
> 

Hi Rao,

 Just add a rule after the default policy. This should give you all the
packets which are dropped.

iptables -A INPUT -j LOG
iptables -A OUTPUT -j LOG
iptables -A FORWARD -j LOG
-- 
Dharmendra.T
Linux Enthu
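
The exchange above, worked through as an added example that is not part of the original thread: a chain policy only applies to packets that reach the end of the chain, so the catch-all LOG rule has to be the last rule appended. The "INPUT policy drop " prefix, the rate limit and the sample log lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not code from the thread. Prefix, rate limit and the sample
# log lines are constructed for illustration.

# Print (do not run) the rules in evaluation order. The catch-all LOG rule is
# appended last, so it sees only packets that no earlier rule accepted and
# that are about to fall through to the DROP policy.
print_rules() {
    ext_if=$1
    cat <<EOF
iptables -P INPUT DROP
iptables -A INPUT -i $ext_if -p tcp --destination-port 25 -j LOG --log-level 4 --log-prefix "Incoming Mail Traffic "
iptables -A INPUT -i $ext_if -p tcp --destination-port 25 -j ACCEPT
iptables -A INPUT -m limit --limit 10/min -j LOG --log-level 4 --log-prefix "INPUT policy drop "
EOF
}

# Count logged packets carrying one prefix, grouped by source address and
# destination port. Reads syslog lines on stdin, prints "count SRC DPT".
# Packets without a port (for example ICMP) are reported with "-".
summarize() {
    awk -v prefix="$1" '
        index($0, prefix) {
            src = dpt = "-"
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/) src = substr($i, 5)
                if ($i ~ /^DPT=/) dpt = substr($i, 5)
            }
            n[src " " dpt]++
        }
        END { for (k in n) print n[k], k }
    ' | sort -k1,1nr -k2,2
}

# Constructed, abbreviated sample of LOG target output as it appears in syslog.
sample_log() {
    cat <<'EOF'
Jan 14 23:50:01 mx kernel: Incoming Mail Traffic IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TTL=52 PROTO=TCP SPT=40000 DPT=25 SYN
Jan 14 23:50:07 mx kernel: INPUT policy drop IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=60 TTL=48 PROTO=TCP SPT=51000 DPT=23 SYN
Jan 14 23:50:09 mx kernel: INPUT policy drop IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=60 TTL=48 PROTO=TCP SPT=51001 DPT=23 SYN
Jan 14 23:50:12 mx kernel: INPUT policy drop IN=eth0 OUT= SRC=192.0.2.99 DST=198.51.100.5 LEN=84 TTL=50 PROTO=ICMP TYPE=8 CODE=0
EOF
}

sample_log | summarize "INPUT policy drop "
```

The LOG target writes through the kernel log, so with the syslog configuration quoted above the `kern.*` line is the one that delivers these messages to /var/log/messages. The distinct prefix is what lets accepted mail traffic and policy drops be separated afterwards.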


