On Wednesday 18 February 2004 4:07 pm, Martinez, Michael wrote:
> Antony,
>
> Being an iptables newbie ... How would I log all rejected packets?
Just before the line which says
iptables -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
you insert one which says
iptables -A RH-Firewall-1-INPUT -j LOG
If you want to be a bit sophisticated about it:
iptables -A RH-Firewall-1-INPUT -j LOG --log-level=info --log-prefix="Reject:"
That way, the logs will go to /var/log/messages and will have "Reject:" in
them so you can easily identify what they mean.
Regards,
Antony.
--
All matter in the Universe can be placed into one of two categories:
1. Things which need to be fixed.
2. Things which need to be fixed once you've had a few minutes to play with
them.
Please reply to the list;
please don't CC me.
