Re: [Re: How to log dropped packet ?]

Re: [Re: How to log dropped packet ?]

[Curtis Call]

Where you send your log is determined via your syslog.conf, I'm unaware of a
way to specify to only log the iptables to a certain file in that way however.
 What I do is run a cron job that greps my messages file for my log-prefix and
puts it into a separate log file.  Not sure if there's a better way to do it
then this, if there is I'd be happy to learn it! :-)

"Julien Didron" <admin@tripnotik.dyndns.org> wrote:
> Hi all,
> 
> I apologize for being a little OT, but has anybody tried to log to another 
> file than /var/log/syslog when using -j log ? if so, thanks for sharing the

> experience ;o)
> 
> --
> Open WebMail Project (http://openwebmail.org)
> 
> 
> ---------- Original Message -----------
> From: Ray Leach <raymondl@knowledgefactory.co.za>
> To: Netfilter Mailing List <netfilter@lists.netfilter.org>
> Sent: 16 Jul 2003 14:49:47 +0200
> Subject: Re: How to log dropped packet ?
> 
> > On Wed, 2003-07-16 at 14:14, Jerry Kim wrote:
> > > Hi all.
> > > 
> > > I hope to know how to log dropped/accepted packets.
> > > For example,
> > > 
> > Exactly the same except put -j LOG --log-prefix "Accept input eth0"
> > instead of -j ACCEPT.
> > Oh, and the log rule must be before the accept/drop rule.
> > 
> > > iptables -A INPUT -i eth0 -p tcp -d 10.10.10.1 --dport 22 -j ACCEPT
> > > 
> > > How can I log it ?
> > > I don't understand how '-j LOG' target operate.
> > > 
> > > Help.
> > > 
> > -- 
> > --
> > Raymond Leach <raymondl@knowledgefactory.co.za>
> > Network Support Specialist
> > http://www.knowledgefactory.co.za
> > "lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import"
> > Key fingerprint = 7209 A695 9EE0 E971 A9AD  00EE 8757 EE47 F06F FB28
> > --
> ------- End of Original Message -------
> 
> 
> 

Re: [Re: How to log dropped packet ?]

[Eric Leblond]

[-- Attachment #1: Type: text/plain, Size: 139 bytes --]

You better use ULOG target and daemon to log in a separate file (or in a
database)

BR,
-- 
Eric Leblond <eric@regit.org>
Regit.org

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

See, signature how i can ?

[Waldecir Loureiro dos Santos Filho]

You have received a message!
I would like to get 20 packages to verify what they have in the same...is it
possible ?

I use this to study packets and get signatures and block this with string
match patch !


********Confidencialidade do Correio do Eletrônico***************
Informações confidenciais podem estar contidas nesta mensagem. Se você não
se encontra na lista de destinatários ou não é o remetente da mesma, você
não deve copiar ou enviar esta mensagem para ninguém. Neste caso, você deve
destruir e notificar o remetente da mesma. A empresa considera opiniões,
conclusões e outras informações que não se relacionam com o negócio oficial
da corporação de responsabilidade do usuário do serviço.