Q. I am running SSH/MySQL/Webserver and setup iptables based firewall. But my logs are send to console rather than the system log files. How do make sure that iptables LOG target messages are send to /var/log/messages file?
A. IPTABLES LOG module turns on kernel logging of matching packets. When this option is set for a rule, the Linux kernel will print some information on all matching packets (like most IP header fields) via the kernel log where it can be read with
dmesg or syslogd.
You can configure level of logging with an option called --log-level level. For example, drop and LOG all incoming port 22 TCP, message:
iptables -I OUTPUT -j LOG --log-level crit -p tcp --dport 22
Read man pages of iptables and syslog.conf for more info.
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- My 10 UNIX Command Line Mistakes
- Linux: 20 Iptables Examples For New SysAdmins
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Linux Video Editor Software
Facebook it - Tweet it - Print it -
{ 1 comment… read it below or add one }
The answer does not answer the question. I don’t like sentences which state something obvious, silently ignoring the given problem. It is still unclear what to do if messages sent to LOG end on console instead of syslog.