nixCraft Linux Forum

IPTABLES Help

  #1 (permalink)  
Old 07-07-2006, 10:22 AM
asim.mcp

Hi

How can I view logs which I've dropped and rejected?
What is the command or configuration?
Any help?


Regards
Asim
  #2 (permalink)  
Old 07-07-2006, 12:39 PM
monk

Asim,

In order to see logs of rejected or dropped packets, you need to use the LOG module. It will log network activity to the syslog system, i.e. the file /var/log/message. See the URL for complete info:
http://www.cyberciti.biz/nixcraft/vi...og-message.php

You can also use iptables log
http://sourceforge.net/projects/iptablelog/

If you need more help reply back
  #3 (permalink)  
Old 07-08-2006, 12:40 AM
tom

Asim,

By default, logs of dropped packets go to /var/log/message. You can use grep, cat, less and other commands to get information. As pointed out by monk, you need to use the LOG module. Do you need any specific examples?

Here is an example from my laptop:
Command:
Code:
tail -f /var/log/messages
Output:

Jul 7 17:15:09 debian kernel: IN=eth0 OUT= MAC=00:0f:ea:91:04:07:00:08:5c:00:00:01:08:00 SRC=218.52.60.50 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=33736 DF PROTO=TCP SPT=57797 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 7 17:15:12 debian kernel: IN=eth0 OUT= MAC=00:0f:ea:91:04:07:00:08:5c:00:00:01:08:00 SRC=218.52.60.50 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=33738 DF PROTO=TCP SPT=57797 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 7 17:16:03 debian kernel: IN=eth0 OUT= MAC=00:0f:ea:91:04:07:00:08:5c:00:00:01:08:00 SRC=66.111.241.4 DST=192.168.1.2 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=15270 PROTO=TCP SPT=8477 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0

As you see, IPs 66.111.241.4 and 218.52.60.50 are dropped by my iptables. They are trying to connect to DPT=22 (ssh server).

Hope this helps.
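Added example, not part of the original posts: a shell function that counts logged packets per source address, protocol and destination port, assuming entries in the kernel-line format tom shows above. The names `summarize_drops` and `sample_log` and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Summarise packets logged by the iptables LOG target.
# Assumption: entries look like the kernel lines quoted in the thread, i.e.
# "... kernel: IN=eth0 OUT= ... SRC=a.b.c.d ... PROTO=TCP ... DPT=22 ...".

# summarize_drops [FILE...]: print "COUNT SRC PROTO DPT", busiest first.
# Reads stdin when no file is given. ICMP entries have no DPT, shown as "-".
summarize_drops() {
    awk '
        /kernel: .*IN=.* SRC=/ {
            src = proto = ""; dpt = "-"
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/)   src   = substr($i, 5)
                if ($i ~ /^PROTO=/) proto = substr($i, 7)
                if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
            }
            if (src != "") count[src " " proto " " dpt]++
        }
        END { for (k in count) print count[k], k }
    ' "$@" | sort -k1,1nr -k2,2
}

# Constructed sample input (documentation addresses), same field layout as
# real LOG entries, plus one unrelated kernel line that must be ignored.
sample_log() {
    cat <<'EOF'
Jul 7 17:15:09 host kernel: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=198.51.100.7 DST=192.0.2.2 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=33736 DF PROTO=TCP SPT=57797 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 7 17:15:12 host kernel: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=198.51.100.7 DST=192.0.2.2 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=33738 DF PROTO=TCP SPT=57797 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jul 7 17:15:40 host kernel: eth0: link up, 100Mbps, full-duplex
Jul 7 17:16:03 host kernel: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.9 DST=192.0.2.2 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=15270 PROTO=TCP SPT=8477 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
Jul 7 17:16:30 host kernel: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.9 DST=192.0.2.2 LEN=84 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=4321 SEQ=1
EOF
}

sample_log | summarize_drops
```

On a live system, pass the file your syslog writes kernel messages to as the argument instead of piping in the sample.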
  #4 (permalink)  
Old 07-08-2006, 03:53 AM
asim.mcp

Thanks buddies