At the end of the rules say -j LOG; any packet that makes it that far will then be dropped by the policy.

----- Original Message -----
From: "Juliano Murlick" <jmurlick@xxxxxxxxxxxxxx>
To: <netfilter@xxxxxxxxxxxxxxxxxxx>
Sent: Saturday, July 19, 2003 10:38
Subject: Please ... how can i log all packets dropped ?

> Hello ALL,
> I need to log all packets dropped on my firewall, how can I get it? I know
> how to log all that I accept, like this:
>
> iptables -A FORWARD -p tcp -s $REDELOCAL --sport 1024:65535 -d $SSHSRV --dport 22 -j LOG
> iptables -A FORWARD -p tcp -s $REDELOCAL --sport 1024:65535 -d $SSHSRV --dport 22 -j ACCEPT
>
> I will LOG all packets from the ssh connection, but I don't know how to log all
> packets dropped, my default policy is DROP:
>
> iptables -P FORWARD DROP
>
> Please, if anyone knows it, tell me ...
>
> Thanks in advance!
>
> Att,
> Juliano Murlick
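
The approach from the reply above, as an added example that is not part of the original thread: a rate-limited LOG rule appended as the last FORWARD rule, so anything no ACCEPT rule matched is logged and then dropped by the DROP policy. The sample addresses, the FWD-DROP prefix, the limit values, the conntrack rule and the run/setup_forward_logging helpers are assumptions; with APPLY unset the script only prints the commands.

```shell
#!/bin/sh
# Added example, not from the original thread. Addresses are constructed samples.
REDELOCAL="${REDELOCAL:-192.168.0.0/24}"   # local network (assumed value)
SSHSRV="${SSHSRV:-10.0.0.22}"              # SSH server (assumed value)

# Dry run by default: print each command. Set APPLY=1 (as root) to execute.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

setup_forward_logging() {
    # Default policy: whatever reaches the end of the chain is dropped.
    run iptables -P FORWARD DROP
    # Replies of accepted connections (assumption: the conntrack match is
    # available), so they do not fall through to the LOG rule below.
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Accepted traffic: local clients to port 22 on the SSH server.
    run iptables -A FORWARD -p tcp -s "$REDELOCAL" --sport 1024:65535 \
        -d "$SSHSRV" --dport 22 -j ACCEPT
    # LAST rule: LOG does not terminate traversal, so the packet is logged
    # and then continues to the DROP policy. The limit match keeps a flood
    # of dropped packets from filling the kernel log.
    run iptables -A FORWARD -m limit --limit 5/min --limit-burst 10 \
        -j LOG --log-prefix "FWD-DROP: " --log-level 4
}

setup_forward_logging
```

Any ACCEPT rule added later has to be inserted above the LOG rule, otherwise its traffic is logged as dropped before it is accepted.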