Re: how to log dropped packet

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2004-09-28 at 06:12, hamals@xxxxxxxxxxx wrote:
> hello
> 
> I wrote all my firewall rules, and now I would like to log 
> all packet that will be dropped by my policy rule..
> 
> ..how can I do it?
> 
> what kind of rules do I need?..and where have I to write 
> them?
> 
> thanks

if you're trying to catch the packets that will be dropped by the chain
policy, the last rule in that chain should be the log rule.  for
example:

  iptables -A INPUT -j LOG --log-prefix "FW DROP IN: "

see:

  man iptables
or
  iptables -j LOG -h

for all the available options for the LOG target.

-j

-- 
Jason Opperisano <opie@xxxxxxxxxxx>



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux