ADJ網路實驗室 - Powered by Discuz! Board

標題: [介紹] iptables log 設定如何啟用 [打印本頁]

作者: apple 時間: 2011-11-4 21:00 標題: iptables log 設定如何啟用

要讓 iptables 留下 log ...可以這樣做~~

Iptables default log file

For example, if you type the following command, it will display current iptables log from /var/log/messages file:

預設log會到/var/log/messages,如果要改到其他目錄 syslog.conf 該如何設定 ?

Procedure to log the iptables messages to a different log file

Open your /etc/syslog.conf file:

# vi /etc/syslog.conf

Append following line

kern.warning /var/log/iptables.log

Save and close the file.

Restart the syslog

service syslog restart

在Firewall 設定加上

iptables -A FORWARD -p tcp -j LOG --log-prefix '** HACKERS **' --log-level 4

Where,

--log-level 4: Level of logging. The level # 4 is for warning.
--log-prefix '*** TEXT ***': Prefix log messages with the specified prefix (TEXT); up to 29 letters long, and useful for distinguishing messages in the logs.

You can now see all iptables message logged to /var/log/iptables.log file:

# tail -f /var/log/iptables.log

歡迎光臨 ADJ網路實驗室 (http://dz.adj.idv.tw/)