Network Protection: Firewall, NAT, QoS, & IPS logging of allowed ports

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 3 replies
Subscribers 2 subscribers
Views 775 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

logging of allowed ports

Mike_C over 23 years ago

Is there a way to log allowed port access (like 81 & 85)? I allow inbound traffic to them, but would like to log it somehow.

This thread was automatically locked due to age.

0 lop over 23 years ago

I dont know a way without ipfilter.local in 2.0X and 3.020. Add your LOG rules with this script - works for me with the IPSec stuff well...
Cancel
Vote Up 0 Vote Down

Cancel
0 Mike_C over 23 years ago in reply to lop

Is there a doc to explain what fields are required for logging?
Cancel
Vote Up 0 Vote Down

Cancel
0 Chris2 over 23 years ago in reply to Mike_C

Try something like this:
iptables -A INPUT -m state NEW -p TCP --dport -j LOG --log-prefix ""

If you want to catch all packets, after NEW append ESTABLISHED,RELATED, otherwise you only get syn's.
with the log-prefix you may have a better overview while examining the logs...
I don't know if astaro already does, guess so, if not you may configure your syslog.conf to get human readable logfile entries:

kern.info /var/log/kern.info

have fun, Chris
Cancel
Vote Up 0 Vote Down

Cancel