1

What else is needed to get iptables to log into this file I created?

view story
linux-howto

http://serverfault.com – I want to create the logging of iptables DROP's and intrusion attemps. First, I put --log-prefix "iptables: " at the end of every iptables rules in my iptables rules file. But this doesn't work, as it says there is a syntax error. So where should I put that command? (I would want to have it included in the saved rules file) Secondly, I created a file iptables.conf within /etc/rsyslog.d/, and I put the following inside of it: :msg, startswith, "iptables: " -/var/log/iptables.log & ~ I assume that at this stage, I'm supposed to restart the rsyslog daemon. What else is needed to do wha (HowTos)

u85500's picture
Submitted by u85500 on 09/23/2012

Stories similar to What else is needed to get iptables to log into this file I created?

Hi could could anyone help me understand why line 15 is failing supposedly in my iptables file.

iptables not starting up 35 weeks 3 days ago

I have inherited a custom built Linux kernel 2.6.30.9 and am just upgrading the underlying OS from RHEL 5.4 to 5.8 (kernels 2.6.18.164 and 2.6.18.308 respectively).

When booting, the following is displayed:

unloading iptables modules [ OK ] Applying iptables firewall rules: modprobe: FATAL: module ip-tables not found.

iptables-restore v1.3.5: iptables-restore unable to init

Possible Duplicate: iptables: forward port 80 to port 8080

I'd like to forward port 80 to 8080. So I tried to edit /etc/syscongfig/iptables:

-A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080

But got:

# service iptables restart iptables: Flushing firewall rules: [ OK ] iptables: Setting chains to policy ACCEPT: filter [ OK

Ok, couple of things are wrong here. First of all, when showing your ip(6)tables rules, grab them directly from the kernel, either by using iptables-save [-c], iptables [-v] -S or even iptables [-t table] -nvL [chain].

I have few iptables rules which I want to use permanently.

Hey guys,

I don't understand whats going on with my rootserver... I have reset iptables and just opened the port for ssh. Now suddenly over night I see that there are a various of ports open: 21,80, 135, 139, 445, 3128

Could it be that vsftpd for example put rules in automatically to allow input on port 21?

I also tried disabling iptables with this command:

Code: # iptables -X # iptables

I've tried adding a few rules to my iptables but they don't seem to be saving. In order to save them, I've tried running iptables-save and service iptables save. Each time I have run either of those commands, it says that it has saved successfully.

I made a very simple bash script (echo at start, runs commands, echos at end) to add approx 7300 rules to iptables blocking much of China and Russia, however it gets through adding approximately 400 rules before giving the following error for every subsequent attempt to add a rule to that chain:

iptables: Unknown error 18446744073709551615

I even tried manually adding rules afterwards and it wo

Hello,Someone here can explain me why iptables is slow to load iptables rules from a script after a reboot?it can take up to 2 minutes to make iptables start loading rules