[LUG] question regarding log of iptables

To: list@xxxxxxxxxxxx
Subject: [LUG] question regarding log of iptables
From: "haoxin Song" <songhxlinux@xxxxxxxxxxx>
Date: Fri, 26 Oct 2001 15:50:29 +0000
Bcc:
Reply-to: list@xxxxxxxxxxxx

Hi there, I am pretty new for linux and iptables. I have a question regarding the log of iptable. The linux RedHat 7 is configed to enable ip_forwarding and ip_masqueradeing.

All traffic are currently going through the box. The problem I have is that I can not figure out a way to log the forwading or masquerading action. Seems the system don't want to log those actions.

Here is the "syslog.conf" and out come of "iptables -L" and "iptables -t
nat -L". Thank you in advance for yor help.

Larry

"syslog.conf"
****************
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
kern.*							/dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.*;*.info;mail.none;authpriv.none;cron.none		/var/log/messages

# The authpriv file has restricted access.
authpriv.*						/var/log/secure

# Log all the mail messages in one place.
mail.*							/var/log/maillog


# Log cron stuff
cron.*							/var/log/cron

# Everybody gets emergency messages, plus log them on another
# machine.
*.emerg							*

# Save mail and news errors of level err and higher in a
# special file.
uucp,news.crit						/var/log/spooler

# Save boot messages also to boot.log
local7.*						/var/log/boot.log


************************
[root@xxxxxxxxx /etc]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- 192.168.1.0/24 anywhere ACCEPT all -- anywhere 192.168.1.0/24 DROP all -- anywhere anywhere LOG all -- anywhere anywhere LOG level debug prefix `FORWARDing PACKET: '

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

[root@xxxxxxxxx /etc]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere            !192.168.1.0/24

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp


--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.

RE: [LUG] question regarding log of iptables
- From: Pete Hatton
Re: [LUG] question regarding log of iptables
- From: Gary Stringer

Prev by Date: RE: [LUG] Re: Red Hat 7.2
Next by Date: RE: [LUG] Re: Red Hat 7.2
Previous by thread: Re: [LUG] Re: Red Hat 7.2
Next by thread: RE: [LUG] question regarding log of iptables
Index(es):
- Date
- Thread

Lynx friendly