On Thursday 08 July 2004 08:30, IZEM Farid wrote:
> Hi all,
>
> Just a simple question.
>
> How do I log what is being rejected or dropped by my Firewall.
>
> I configure my syslog.conf like this:
> kern.* /var/log/kernel
>
> And I had the following rule:
> iptables -A FORWARD -j LOG
>
> It seems that all connections are logged so it is very difficult to read the
> log.

Firstly, do you actually have DROP statements in your ruleset? If so, the LOG statement should appear JUST BEFORE the block of DROP statements.

Since ACCEPT or DROP are one-way-streets for packets, you want to LOG just before they get DROPped, but not log any of the ACCEPTed packets.

Cheers,
Gavin.
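
The ordering advice above can be checked mechanically. The following is an added example, not part of the original email: a heuristic check that reads one chain's rules in `iptables -S FORWARD` format and reports whether LOG sits ahead of an ACCEPT or only ahead of the drops. The function names, interface names and both sample rule sets are constructed for illustration.

```sh
#!/bin/sh
# Added example: heuristic check of LOG placement in one chain's rules.
# Input format is that of `iptables -S FORWARD`; sample rules are constructed.

# Prints one verdict for the rules read on stdin:
#   logs-accepted : an ACCEPT follows a LOG, so accepted packets can be logged too
#   ok            : LOG comes after every ACCEPT and ahead of a DROP/REJECT
#   no-drop-log   : nothing is logged ahead of the drops
check_log_placement() {
    awk '
        $1 == "-P" { policy = $3; next }          # chain policy line
        $1 != "-A" { next }                       # ignore anything else
        {
            target = ""
            for (i = 1; i < NF; i++) if ($i == "-j") target = $(i + 1)
        }
        target == "LOG"    { seen_log = 1; next }
        target == "ACCEPT" { if (seen_log) bad = 1 }
        target == "DROP" || target == "REJECT" { if (seen_log) logged_drop = 1 }
        END {
            # A trailing LOG also covers packets dropped by a DROP policy.
            if (seen_log && policy == "DROP") logged_drop = 1
            if (bad)              print "logs-accepted"
            else if (logged_drop) print "ok"
            else                  print "no-drop-log"
        }'
}

# Constructed sample: LOG is the first rule, so every forwarded packet is logged.
bad_rules() { cat <<'EOF'
-P FORWARD ACCEPT
-A FORWARD -j LOG
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -j DROP
EOF
}

# Constructed sample: LOG sits just before the DROP, after all ACCEPT rules.
good_rules() { cat <<'EOF'
-P FORWARD DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -m limit --limit 5/min -j LOG --log-prefix "FW-DROP: "
-A FORWARD -j DROP
EOF
}

printf 'LOG first:       %s\n' "$(bad_rules | check_log_placement)"
printf 'LOG before DROP: %s\n' "$(good_rules | check_log_placement)"
```

The check looks only at rule order, not at match criteria, so a narrowly matched LOG rule placed ahead of an unrelated ACCEPT is still flagged and needs a manual look.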