Iptables is not sending LOG to syslog file

by on July 30, 2006 · 3 comments· LAST UPDATED November 22, 2007

in , ,

Q. I am running SSH/MySQL/Webserver and setup iptables based firewall. But my logs are send to console rather than the system log files. How do make sure that iptables LOG target messages are send to /var/log/messages file?

A. IPTABLES LOG module turns on kernel logging of matching packets. When this option is set for a rule, the Linux kernel will print some information on all matching packets (like most IP header fields) via the kernel log where it can be read with
dmesg or syslogd.

You can configure level of logging with an option called --log-level level. For example, drop and LOG all incoming port 22 TCP, message:
iptables -I OUTPUT -j LOG --log-level crit -p tcp --dport 22

Read man pages of iptables and syslog.conf for more info.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 3 comments… read them below or add one }

1 Ash July 11, 2009 at 2:44 pm

The answer does not answer the question. I don’t like sentences which state something obvious, silently ignoring the given problem. It is still unclear what to do if messages sent to LOG end on console instead of syslog.

Reply

2 Josh June 28, 2010 at 6:16 pm

I agree, I usually love your writing as it concise and clear, but this Q & A is very badly done.

Reply

3 niku September 10, 2012 at 2:39 am

Edit /etc/syslog.conf.

Reply

Leave a Comment

Tagged as: , , , , , , , , , , ,

Previous Faq:

Next Faq: