Re: log iptables

On Mon, Feb 17, 2014 at 3:20 PM, Daniel Lopez <daniel.lopez@xxxxxxxxxx> wrote:
> Hello
>
> I want to save the log of iptables and for this I have set up the file
> /etc/rsyslog.d/iptables.log :
>
> :msg, contains, "" -/var/log/iptables.log
> & ~
>
> Packets arrive correctly because I can connect to the servers, but it does
> not save the log for these lines:
>
> $IPTABLES -t nat -A PREROUTING -p TCP -i $INTERNET_IFACE -d $INTERNET_IP
> --dport 8181 -j DNAT --to-destination 192.168.2.26
> $IPTABLES -A FORWARD -p TCP -i $INTERNET_IFACE -o $LAN_IFACE -d 192.168.2.26
> --dport 8181 -j LOG --log-prefix "Port 8181:"
> $IPTABLES -A FORWARD -p TCP -i $INTERNET_IFACE -o $LAN_IFACE -d 192.168.2.26
> --dport 8181 -j allowed
> $IPTABLES -A FORWARD -p TCP --sport 8181 -s 192.168.2.26 -i $LAN_IFACE -o
> $INTERNET_IFACE -j ACCEPT
>
> But it does save these lines:
>
> $IPTABLES -A FORWARD -m limit --limit 3/minute --limit-burst 3 -j LOG
> --log-level DEBUG --log-prefix "forward packet died:"
>
> I use:
>
> CentOS 6.3 64 Bits
> iptables 1.4.7
> rsyslogd 5.8.10
>
> Could you please help me correct my problem?
>
> Thank you,
>
AFAIK, if you want to log a given rule, you either double that
rule and, instead of -j ACCEPT, put the -j LOG stuff, or, if you group
the rules you want to log together, you have to put them into your own
chain and tell it to log the entire chain.

Or something like that.

> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
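
The two approaches described in the reply above, as an added example that is not part of the original messages. The function names, the chain name LOG_ACCEPT and the interface defaults are assumptions; the script only prints the iptables commands unless IPTABLES is set to the real binary.

```shell
#!/bin/sh
# Added example. Dry run by default: commands are printed, not executed.
# Set IPTABLES=/sbin/iptables (as root) to apply them.
IPTABLES="${IPTABLES:-echo iptables}"

# Constructed sample interface names; 192.168.2.26:8181 is from the quoted rules.
INTERNET_IFACE="${INTERNET_IFACE:-eth0}"
LAN_IFACE="${LAN_IFACE:-eth1}"

# check_prefix PREFIX: --log-prefix accepts at most 29 characters.
check_prefix() {
    [ "${#1}" -le 29 ] || { echo "log prefix too long: $1" >&2; return 1; }
}

# Option 1: double the rule. Same match twice: LOG first (non-terminating),
# then ACCEPT. Usage: log_then_accept PREFIX MATCH...
log_then_accept() {
    prefix=$1; shift
    check_prefix "$prefix" || return 1
    $IPTABLES -A FORWARD "$@" -j LOG --log-prefix "$prefix" &&
    $IPTABLES -A FORWARD "$@" -j ACCEPT
}

# Option 2: own chain that logs and then accepts whatever is sent to it.
# Usage: make_log_chain CHAIN PREFIX
make_log_chain() {
    check_prefix "$2" || return 1
    $IPTABLES -N "$1" &&
    $IPTABLES -A "$1" -j LOG --log-prefix "$2" &&
    $IPTABLES -A "$1" -j ACCEPT
}

# Any rule that should be logged jumps to the chain instead of to ACCEPT.
# Usage: jump_to_chain CHAIN MATCH...
jump_to_chain() {
    chain=$1; shift
    $IPTABLES -A FORWARD "$@" -j "$chain"
}

# The trailing space keeps the prefix apart from the "IN=" field in the log line.
make_log_chain LOG_ACCEPT "Port 8181: "
jump_to_chain LOG_ACCEPT -p tcp -i "$INTERNET_IFACE" -o "$LAN_IFACE" \
    -d 192.168.2.26 --dport 8181
```

Because LOG is a non-terminating target, the packet continues to the next rule after being logged, which is why the LOG rule has to come before the ACCEPT in both variants.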