iptables: Log all dropped input packets

A web-based interface for system administration of UNIX

Brought to you by: iliaross, jcameron

iptables: Log all dropped input packets

Forum: Webmin

Creator: somebodysysop

Created: 2014-01-31

Updated: 2014-02-01

somebodysysop - 2014-01-31

Running Webmin 1.610 on Centos 5.3. I would like to log dropped iptable input packets like this: http://www.thegeekstuff.com/2012/08/iptables-log-packets/

I know how to reject input packets. I know how to log input packets. I can not figure out
for the life of me how to log all dropped packets using Webmin (that is, without making 2 entries per ip: one to log and one to drop).

Could someone please help? Thanks!

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

somebodysysop - 2014-02-01

Found a solution. I accomplished it by:

Creating a new Chain called LOGGING.

Adding 2 rules to LOGGING: a. Log all incoming packets. b. Drop all incoming packets.

Entering IP to drop into INPUT chain rule, and set rule to run LOGGING chain.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.