
Thread: How to enable iptables logging for blocked requests?

  1. #1
    Administrator
    Join Date
    Mar 2013
    Posts
    2,731

    How to enable iptables logging for blocked requests?

    How to enable logging in iptables.
    If the last line in the chain is to drop everything that does not match the previous rules, then I assume one should add a logging rule before this line in order to log only blocked requests.

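    # List the rules with line numbers to find the last DROP rule
    sudo iptables -L --line-numbers
    # CHAIN is INPUT, OUTPUT or FORWARD; NUMBER is the line number of the last DROP rule shown by the command above
    sudo iptables -I CHAIN NUMBER -j LOG
    # Watch the log for the new entries
    sudo tail -f /var/log/messages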

  2. #2


    Yes, you are right. To log only blocked requests, you need to add a logging rule before the last "DROP" rule in the iptables chain.
    List the iptables rules with line numbers, insert a new rule before the last "DROP" rule, save the new iptables rules, and check the log file for iptables messages.
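
The procedure discussed in this thread, as an added example that is not part of either post: a small script that reads an `iptables -L CHAIN -n --line-numbers` listing, finds the last DROP rule and prints the matching insert command. The helper names, the `IPT-BLOCKED: ` prefix, the 5/min rate limit and the sample listing are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed sample of `iptables -L INPUT -n --line-numbers` output.
SAMPLE_INPUT='Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
2    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
3    DROP       all  --  0.0.0.0/0            0.0.0.0/0'

# Print the line number of the last DROP rule in a listing read from stdin;
# print nothing when the chain has no DROP rule.
last_drop_line() {
    awk '$1 ~ /^[0-9]+$/ && $2 == "DROP" { n = $1 } END { if (n != "") print n }'
}

# Build the command that puts a LOG rule directly before the last DROP rule.
# $1 = chain, stdin = listing. Hypothetical helper; prefix and rate are examples.
log_rule_cmd() {
    chain=$1
    n=$(last_drop_line)
    # Rate-limit the LOG rule so a flood of blocked packets cannot fill the disk.
    opts='-m limit --limit 5/min -j LOG --log-prefix "IPT-BLOCKED: " --log-level 4'
    if [ -n "$n" ]; then
        # -I at the DROP rule's number pushes DROP down one, so LOG runs first.
        printf '%s\n' "iptables -I $chain $n $opts"
    else
        # No explicit DROP rule (e.g. policy DROP): append, so only packets
        # that fell through every rule are logged.
        printf '%s\n' "iptables -A $chain $opts"
    fi
}

# Print (do not run) the command for the constructed sample listing.
printf '%s\n' "$SAMPLE_INPUT" | log_rule_cmd INPUT
# On a live host: sudo iptables -L INPUT -n --line-numbers | log_rule_cmd INPUT
# Review the printed command, run it with sudo, then watch the kernel log
# (/var/log/messages, or /var/log/kern.log on Debian/Ubuntu).
```

A rule added this way lasts only until reboot unless the rule set is saved, for example with `iptables-save` redirected to the file your distribution restores from.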
