Iptables is not sending LOG to syslog file
Q. I am running SSH/MySQL/Webserver and setup iptables based firewall. But my logs are send to console rather than the system log files. How do make sure that iptables LOG target messages are send to /var/log/messages file?
A. IPTABLES LOG module turns on kernel logging of matching packets. When this option is set for a rule, the Linux kernel will print some information on all matching packets (like most IP header fields) via the kernel log where it can be read with
dmesg or syslogd.
You can configure level of logging with an option called --log-level level. For example, drop and LOG all incoming port 22 TCP, message:
iptables -I OUTPUT -j LOG --log-level crit -p tcp --dport 22
Read man pages of iptables and syslog.conf for more info.
Subscribe to our free e-mail newsletter or RSS feed to get all updates.
You can Email this page to a friend.
Related Linux / UNIX FAQ:
- Linux disable or remove the iptables firewall
- Linux passive ftp not working problem and solution
- How do I Load / Start RHEL / CentOS / Fedora Linux Iptables Firewall on Computer Boot?
- Iptables open ftp port 21
- How do I save iptables rules or settings?
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Please do not use the comment form to ask for help / question. Ask your question on the excellent Linux tech support forum. Thank you very much for stopping by our site!
Tags: firewall, incoming port, ip header fields, iptables log, linux kernel, log messages, log target, port 22, ssh, syslog, system log files, tcp ~ Last updated on: November 22, 2007
Recent Comments
Today ~ 17 Comments
Today ~ 2 Comments
Today ~ 37 Comments
Today ~ 46 Comments
Yesterday ~ 2 Comments