# create the user chain before any rule references it
iptables -N allow
iptables -A allow -p tcp -m multiport --dports http,https,domain -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A allow -p udp --dport 53 -j ACCEPT
iptables -A INPUT -j allow
# anything that falls through the allow chain is logged, then hits the DROP policy
iptables -A INPUT -j LOG --log-prefix "Dropped: "
iptables -P INPUT DROP
You see the log via dmesg or syslog.
On 04/01/2011 04:06 PM, Bjoern Meier wrote:
> hi,
>
> 2011/4/1 Flavio A. Reis <reis.falexandre@gmail.com>:
>> Hello,
>> friends, can you log everything that iptables is blocking without logging
>> the ACCEPT rules?
>> Example:
>> My firewall has only the ports 80, 443 and 53 open.
>> Can you log all other connection attempts?
>> Thanks
>> att
> sure.
> - Set Default Policy for INPUT to DROP
> - Create Rule for ACCEPT 80,443,53
> - Append logging Rule (if the packets end here, it will be dropped);
> maybe with Prefix "DROP:"
> - change logrotate rules (you will get a lot of log entries).
>
> Greetings,
> Björn
>
>
--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/4D95D8C8.9090104@gmail.com
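The procedure in the thread (default policy DROP, an allow chain for 80/443/53, a LOG rule in front of the drop), written out as an added example that is not from either poster. It emits the ruleset in iptables-restore format so the whole set is reviewed and loaded atomically rather than typed rule by rule, adds a rate limit on the LOG rule because of the log volume the reply warns about, and includes a small summary function for the kernel log lines the LOG target produces. The chain names "allow" and "logdrop", the prefix "DROP: ", the 5/min limit and the sample log lines are assumptions and constructed data, not values from the list.

```shell
#!/bin/sh
# Added example, not code from the list posts. Assumes iptables with the
# conntrack, multiport, limit and LOG extensions. Only load_rules() touches
# the running firewall; the other functions only produce text.

# Emit the rule file on stdout. The log prefix and the rate limit are
# parameters (defaults: "DROP: " and 5/min) so the output can be checked.
build_rules() {
    prefix="${1:-DROP: }"
    rate="${2:-5/min}"
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:allow - [0:0]
:logdrop - [0:0]
# loopback and already established traffic first, so they never reach the log rule
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -j allow
-A INPUT -j logdrop
# the three services the original poster opened: 80, 443 and 53
-A allow -p tcp -m multiport --dports 80,443,53 -m conntrack --ctstate NEW -j ACCEPT
-A allow -p udp --dport 53 -j ACCEPT
# log with a rate limit so a burst of refused connections cannot fill the log, then drop
-A logdrop -m limit --limit ${rate} --limit-burst 20 -j LOG --log-prefix "${prefix}" --log-level 4
-A logdrop -j DROP
COMMIT
EOF
}

# Count LOG lines per destination port. Reads kernel/syslog lines on stdin,
# keeps only those carrying the prefix, prints "port count", busiest first.
summarize_drops() {
    prefix="${1:-DROP: }"
    grep -F "$prefix" | awk '{
        for (i = 1; i <= NF; i++)
            if ($i ~ /^DPT=/) { split($i, a, "="); n[a[2]]++ }
    } END { for (p in n) print p, n[p] }' | sort -k2,2nr -k1,1n
}

# Load the generated ruleset atomically. Requires root; the same text can be
# reviewed first with: build_rules | iptables-restore --test
load_rules() {
    build_rules "$@" | iptables-restore
}

# Constructed sample of what the LOG target writes (addresses from the
# documentation ranges); the last line is an unrelated kernel message.
SAMPLE_LOG='Apr  1 16:06:01 host kernel: DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=40001 DPT=22 SYN
Apr  1 16:06:02 host kernel: DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 PROTO=TCP SPT=40002 DPT=23 SYN
Apr  1 16:06:03 host kernel: DROP: IN=eth0 OUT= SRC=192.0.2.11 DST=198.51.100.5 PROTO=TCP SPT=40003 DPT=22 SYN
Apr  1 16:06:04 host kernel: eth0: link is up'

# Stand-alone usage: print the ruleset, then the port summary of the sample.
build_rules
printf '%s\n' "$SAMPLE_LOG" | summarize_drops
```

With rsyslog, the prefix also makes it easy to route these lines to their own file (match on the string and add a logrotate entry for it), which addresses the log-volume point in the reply without touching the rest of the kernel log.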