Feb 4 2023

iptables log to file

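Create a new chain that logs packets (rate-limited to one log entry per second) and then drops them. Rules that should log before dropping then jump to this chain instead of to DROP: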

iptables -N DROP-LOG
iptables -A DROP-LOG -m limit --limit 1/second -j LOG --log-prefix "[iptables-drop] "
iptables -A DROP-LOG -j DROP

Create /etc/rsyslog.d/10-iptables.conf and add the following lines:

:msg,contains,"[iptables-drop] " /var/log/iptables.log
# Stop processing messages that matched the rule above, so they are not
# also written to the file that normally receives kern.* messages
# (e.g., /var/log/kern.log).
& stop
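
As an added example (not part of the original post), the Python script below parses entries written to /var/log/iptables.log by the rules above and counts logged drops per source, protocol and destination port. Because the LOG rule is limited to 1/second, packets over that rate are dropped without a log entry, so the counts are a lower bound. The sample lines, host name and addresses are constructed.

```python
from collections import Counter

PREFIX = "[iptables-drop] "  # must match --log-prefix in the DROP-LOG chain

# Constructed sample lines in the kernel LOG target's KEY=VALUE layout
# (documentation addresses; host name and timestamps are invented).
SAMPLE_LOG = """\
Feb  4 10:15:01 fw1 kernel: [ 101.000001] [iptables-drop] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=54321 DF PROTO=TCP SPT=51234 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
Feb  4 10:15:02 fw1 kernel: [ 102.000001] [iptables-drop] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=54322 DF PROTO=TCP SPT=51235 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
Feb  4 10:15:04 fw1 kernel: [ 104.000001] [iptables-drop] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=198.51.100.23 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=1001 PROTO=UDP SPT=40000 DPT=53 LEN=40
Feb  4 10:15:06 fw1 kernel: [ 106.000001] [iptables-drop] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=198.51.100.23 DST=192.0.2.10 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=1002 PROTO=ICMP TYPE=8 CODE=0 ID=77 SEQ=1
Feb  4 10:15:07 fw1 kernel: [ 107.000001] usb 1-1: new high-speed USB device number 2 using xhci_hcd
Feb  4 10:15:09 fw1 kernel: [ 109.000001] [iptables-drop] IN=eth0 OUT= MAC=
"""


def parse_line(line):
    """Return a dict of fields for a DROP-LOG entry, or None for any other line."""
    _, found, rest = line.partition(PREFIX)
    if not found:
        return None
    fields, flags = {}, []
    for token in rest.split():
        key, eq, value = token.partition("=")
        if eq:
            fields[key] = value
        else:
            flags.append(token)  # bare flags such as DF, SYN, ACK
    if "SRC" not in fields or "PROTO" not in fields:
        return None  # truncated entry: prefix present but packet fields missing
    fields["FLAGS"] = flags
    return fields


def summarize(lines):
    """Count logged drops per (source address, protocol, destination port)."""
    counts = Counter()
    for line in lines:
        entry = parse_line(line)
        if entry is not None:
            # ICMP entries carry TYPE/CODE instead of DPT, so use "-" there
            counts[(entry["SRC"], entry["PROTO"], entry.get("DPT", "-"))] += 1
    return counts


if __name__ == "__main__":
    for (src, proto, dpt), n in summarize(SAMPLE_LOG.splitlines()).most_common():
        print(f"{n:3d}  {src:15s} {proto:5s} dport={dpt}")
```
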
