Page 1 of 1
iptables logging
Posted: 09 Jun 2012, 03:40
by ZoombyWoof
Hi there,
I'm far from an expert on iptables, and after reading the post on running shorewall on my Bubba3, I realize even more how true that is
I would like to have iptables log drops,rejects,forwards and accepts somewhere. How can I accomplish that ?
Thanx
/zw
Re: iptables logging
Posted: 09 Jun 2012, 09:39
by nobody
Re: iptables logging
Posted: 10 Jun 2012, 16:20
by Gordon
The thing is that if you use firewall scripts such as Shorewall, it gets less important to understand iptables. You just add parameters that tell what you want and the script adds all the rules that will accomplish this.
Admittedly Shorewall may be somewhat big to run on a Bubba as it is more corporate targeted. In the end I'm also not using it myself, although I do use several of the resulting structures from using this script. In fact you could use the Shorewall howto to do the same: follow the chains to get an understanding of the mechanics and implement what you need.
As stated in the linked webpage, the trick is to isolate the loglines from the regular messages file and remember that these logs can grow like crazy; as in megabytes per second!
Re: iptables logging
Posted: 10 Jun 2012, 16:55
by ZoombyWoof
Hi,
yes, I know a bit about Shorewall, I run it on a couple of other machines here at home, but I thought I should skip Shorewall on the Bubba and only use Bubba firewall, but I want logging, so, now I run Shorewall on my Bubba, log to a separate file, and it works like a charm.
Thanx for the input
/zw