Howto logging iptables



Just documenting Pak Ronny Haryanto's post on the tanya-jawab@linux.or.id mailing list about how to log iptables traffic.

How to do it:

Add 2 new chains dedicated to logging, simply to keep the ruleset easier to read (because logging and dropping a packet otherwise takes two rules every time).

iptables -N logdrop
iptables -A logdrop -j LOG --log-prefix "DROPPED: "
iptables -A logdrop -j DROP

iptables -N logaccept
iptables -A logaccept -j LOG --log-prefix "ACCEPTED: "
iptables -A logaccept -j ACCEPT

Then, whenever we write an iptables rule for traffic that should be dropped/accepted and also logged, just point the rule at the new chain:

iptables … -j logdrop (instead of -j DROP directly)
iptables … -j logaccept (instead of -j ACCEPT directly)

The log entries will then show up in syslog.
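
As an added example (not part of the original post or the mailing-list message), the shell function below summarises the syslog entries these two chains produce, counting packets per source address, protocol and destination port for a given prefix. The function names, the host name and the log lines are constructed for illustration; the lines follow the format the kernel LOG target writes.

```shell
#!/bin/sh
# Added example: summarise packets logged by the logdrop/logaccept chains.
# Function names and sample data are assumptions, not from the original post.

# Constructed sample of LOG-target lines as they appear in syslog.
sample_fw_log() {
cat <<'EOF'
Oct  9 02:35:01 mail kernel: DROPPED: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=12345 DF PROTO=TCP SPT=51234 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  9 02:35:04 mail kernel: DROPPED: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=12346 DF PROTO=TCP SPT=51234 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Oct  9 02:36:10 mail kernel: DROPPED: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=88 TOS=0x00 PREC=0x00 TTL=55 ID=4321 PROTO=ICMP TYPE=3 CODE=3 [SRC=198.51.100.5 DST=203.0.113.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=99 PROTO=UDP SPT=53 DPT=40000 LEN=40 ]
Oct  9 02:37:00 mail kernel: ACCEPTED: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=198.51.100.20 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=777 DF PROTO=TCP SPT=40022 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
EOF
}

# summarize_fw_log PREFIX   (reads syslog lines on stdin)
# Prints "COUNT SRC PROTO DPT", most frequent first; DPT is "-" when absent.
summarize_fw_log() {
    prefix=$1
    awk -v prefix="$prefix" '
        index($0, prefix) == 0 { next }      # keep only lines with our prefix
        {
            src = dpt = proto = "-"
            rest = substr($0, index($0, prefix) + length(prefix))
            n = split(rest, f, " ")
            for (i = 1; i <= n; i++) {
                # ICMP errors embed the offending packet in [...]; stop there
                # so its inner PROTO/DPT do not overwrite the outer values.
                if (f[i] ~ /^\[/) break
                if (f[i] ~ /^SRC=/) src = substr(f[i], 5)
                else if (f[i] ~ /^DPT=/) dpt = substr(f[i], 5)
                else if (f[i] ~ /^PROTO=/) proto = substr(f[i], 7)
            }
            count[src " " proto " " dpt]++
        }
        END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2
}

# Demo on the constructed sample; on a real host, feed it the syslog file.
sample_fw_log | summarize_fw_log "DROPPED: "
```

Pass the same prefix string that was given to --log-prefix, including the trailing space, so that only lines from that chain are counted.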

One thought on “Howto logging iptables”

    surya said:
    October 9, 2007 at 2:35 am

    root@mail:/var/log# iptables -A logaccept -j LOG -log-prefix “ACCEPTED: “
    iptables v1.3.6: Unknown arg `LOG'
    Try `iptables -h' or 'iptables --help' for more information.
