IPTables: How to log and set a specific log file

debian firewall iptables logging debian-jessie

Is it possible log all dropped connections by IPTables and set a iptables.log file for logging in /var/log/?


Solution 1:

You can do this my configuring iptables to 'mark' the messages e.g. 

iptables -A INPUT -s 192.0.2.0/24 -j LOG --log-prefix='[iptables] '

Which will cause a log message that is prefixed with the text [iptables]

Now you can configure your rsyslog to send these messages to a particular log file by adding a suitable entry to it's configuration e.g.

:msg,contains,"[iptables] " /var/log/iptables.log

Related

Is HAProxy still necessary when Varnish can act as a load balancer?
Chrony doesn't appear to be syncing with the servers I've specified
SYNC a folder on Ubuntu server with amazon S3 bucket automatically
Load balancing LDAP from a Domain Controller via F5
Where should migrations be run on elasticbeanstalk deployment process?
Why are some RPM's "not relocatable"?
Brace expansion doesn't work the way I expect
matplotlib.pyplot is not working!
Bash script for copying files to subdirectories named after the file´s owner
Possible to use iPhone(iOS) as a webcam on Ubuntu?
"fuse: bad mount point No such file or directory" but the file exists
How to make ubuntu know a terminal command for the entire machine? [duplicate]