What else is needed to get iptables to log into this file I created?

Posted by anthony01 on Server Fault See other posts from Server Fault or by anthony01
Published on 2012-09-24T02:46:46Z Indexed on 2012/09/24 3:40 UTC
Read the original article Hit count: 498

Filed under:
|
|

I want to create the logging of iptables DROP's and intrusion attemps.

First, I put --log-prefix "iptables: " at the end of every iptables rules in my iptables rules file. But this doesn't work, as it says there is a syntax error. So where should I put that command? (I would want to have it included in the saved rules file)

Secondly, I created a file iptables.conf within /etc/rsyslog.d/, and I put the following inside of it:

:msg, startswith, "iptables: " -/var/log/iptables.log
& ~

I assume that at this stage, I'm supposed to restart the rsyslog daemon.

What else is needed to do what I'm attempting?

Thanks a lot

© Server Fault or respective owner

Related posts about linux

Related posts about firewall