I don't understant ... i can't do some thing like this: iptables -P FORWARD -j LOG I have to do a rule for any kinf of packet that I wanna log ? ATs, Juliano Murlick SICREDI Serviços - Tecnologia jmurlick@xxxxxxxxxxxxxx (51) 3358-4977 / (51) 9951-3888 -----Original Message----- From: David Busby [mailto:busby@xxxxxxxx] Sent: sábado, 19 de julho de 2003 16:50 To: jmurlick@xxxxxxxxxxxxxx; netfilter@xxxxxxxxxxxxxxxxxxx At the end of the rules say -j LOG, any packet that makes it that far will then be droped by the policy. ----- Original Message ----- From: "Juliano Murlick" <jmurlick@xxxxxxxxxxxxxx> To: <netfilter@xxxxxxxxxxxxxxxxxxx> Sent: Saturday, July 19, 2003 10:38 Subject: Please ... how can i log all packets dropped ? > Hello ALL, > I need log all packet dropped on my firewall, how can i get it ? I know > how log all that i accept, like this: > > iptables -A FORWARD -p tcp -s $REDELOCAL --sport 1024:65535 -d $SSHSRV > --sport 22 -j LOG > iptables -A FORWARD -p tcp -s $REDELOCAL --sport 1024:65535 -d $SSHSRV > --sport 22 -j ACCEPT > > i will LOG all packet from ssh connection, but i don't to log all > packet dropped, my default policy is DROP: > > iptables -P FORWARD DROP > > please, if anyone knows it ? tell me .... > > > Thanks in advance! > > Att, > Juliano Murlick > > > > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.500 / Virus Database: 298 - Release Date: 10/7/2003 > > > --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.500 / Virus Database: 298 - Release Date: 10/7/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.500 / Virus Database: 298 - Release Date: 10/7/2003
