Re: [logs] understanding IPTABLES logs

From: Ed Schmollinger (schmolliat_private)
Date: Wed Aug 13 2003 - 06:41:32 PDT


    On Mon, Aug 11, 2003 at 04:19:05PM -0400, Taylor Robison wrote:
    > I am trying to understand some iptables logs and am a little confused by 
    > the content.
    > 
    > I'm afraid it is not obvious to me WHY a log message is significant.  
    > From the log statement, I can't take a look at it and instantly see 
    > whether I should be worried or not.  There is nothing that jumps out at 
    > me to tell me that the message was logged because a jerk spoofed his 
    > IP...or sent nasty headers.
    
    Look into the --log-* options.  By using a different --log-prefix for
    different rules, you should be able to separate your log messages.  I
    don't think that there's an option that will add the rule number to the
    log message, but you can probably handle that in the log prefix.
    
    > I suppose there is an M out there I should be RTFing....perhaps someone 
    > would be kind enough to point me in the right direction?
    
    man iptables?
    
    -- 
    Ed Schmollinger - schmolliat_private
    
    
    

    _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis
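
The per-rule --log-prefix approach suggested in the reply, shown as an added example that is not part of the original message: a small parser that groups iptables LOG lines by prefix, so each entry can be traced to the rule that logged it. The rules, prefix names, addresses and log lines are constructed for illustration.

```python
import re
from collections import Counter

# Assumed ruleset (constructed): one --log-prefix per logging rule, so the
# prefix names the rule that fired. iptables caps the prefix at 29 characters.
#   iptables -A INPUT -i eth0 -s 10.0.0.0/8 -j LOG --log-prefix "SPOOF-RFC1918: "
#   iptables -A INPUT -p tcp --tcp-flags ALL NONE -j LOG --log-prefix "TCP-NULL-FLAGS: "
#   iptables -A INPUT -j LOG        # no prefix: shows why unlabelled lines are hard to read

# Constructed syslog lines in the kernel LOG-target layout (not real traffic).
SAMPLE_LOG = """\
Aug 13 06:40:01 fw kernel: SPOOF-RFC1918: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=10.1.2.3 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=4711 DF PROTO=TCP SPT=31337 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Aug 13 06:40:02 fw kernel: SPOOF-RFC1918: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=10.1.2.3 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=4712 DF PROTO=TCP SPT=31338 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Aug 13 06:40:05 fw kernel: TCP-NULL-FLAGS: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.7 DST=192.0.2.10 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=99 PROTO=TCP SPT=40000 DPT=80 WINDOW=512 RES=0x00 URGP=0
Aug 13 06:40:07 fw kernel: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.9 DST=192.0.2.10 LEN=28 TOS=0x00 PREC=0x00 TTL=50 ID=7 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
Aug 13 06:40:09 fw sshd[812]: Failed password for root from 198.51.100.7 port 40122 ssh2
"""

# The prefix is whatever sits between "kernel: " and the first "IN=... OUT=".
LINE_RE = re.compile(r"kernel: (?:\[\s*[\d.]+\]\s*)?(?P<prefix>.*?)(?P<body>IN=\S* OUT=.*)$")

def parse_line(line):
    """Return prefix, KEY=value fields and bare flags for a LOG line, else None."""
    m = LINE_RE.search(line)
    if m is None:
        return None  # not an iptables LOG entry
    fields, flags = {}, []
    for token in m.group("body").split():
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
        else:
            flags.append(token)  # bare tokens such as DF, SYN, ACK
    prefix = m.group("prefix").strip().rstrip(":") or "(no prefix)"
    return {"prefix": prefix, "fields": fields, "flags": flags}

def summarize(log_text):
    """Count hits per rule prefix and per (prefix, source address)."""
    per_rule, per_source = Counter(), Counter()
    for rec in filter(None, map(parse_line, log_text.splitlines())):
        per_rule[rec["prefix"]] += 1
        per_source[(rec["prefix"], rec["fields"].get("SRC"))] += 1
    return per_rule, per_source

if __name__ == "__main__":
    for prefix, hits in summarize(SAMPLE_LOG)[0].most_common():
        print(f"{hits:3d}  {prefix}")
```

Lines from a rule without a prefix land in the "(no prefix)" bucket, which is the situation described in the original question.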


