Jesin's Blog


Linux iptables LOG everything

April 28, 2011 Linux Jesin A 4 Comments


Using the iptables LOG target, selected network traffic can be logged. In this article I'll explain how to log every packet using iptables. You can choose which chains and tables should be logged. Information on network traffic is stored in /var/log/messages. This information can be very useful for debugging firewall rules or when you are configuring NAT.

To log packets traversing the INPUT chain, execute the following command as root:

iptables -I INPUT 1 -j LOG

Make sure to use -I instead of -A, because this rule must be evaluated before the other rules; the 1 places it first in the chain. Similarly, you can execute the same command for the other chains.

FORWARD chain

iptables -I FORWARD 1 -j LOG

OUTPUT chain

iptables -I OUTPUT 1 -j LOG

To log network activity in the NAT table, execute the following commands to track activity in the respective chains:

iptables -t nat -I PREROUTING 1 -j LOG
iptables -t nat -I POSTROUTING 1 -j LOG
iptables -t nat -I OUTPUT 1 -j LOG

These rules are not permanent; a restart of the iptables service will flush them. To make them permanent, execute:

service iptables save

Now take a peek inside /var/log/messages to see what's happening. To see it live, execute:

tail -f /var/log/messages
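
With every chain logging, /var/log/messages grows quickly, so a summary is easier to read than the raw tail. The script below is an added example, not part of the original article: it groups LOG entries by interface, source address, protocol and destination port. The function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise iptables LOG entries read from stdin.
# Output columns: count, IN interface, OUT interface, SRC, PROTO, DPT ("-" = absent).

# Constructed sample lines in the key=value format written by the LOG target.
sample_log() {
cat <<'EOF'
Apr 28 10:15:01 fw kernel: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=192.168.0.5 DST=192.168.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4711 DF PROTO=TCP SPT=51234 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
Apr 28 10:15:02 fw kernel: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=192.168.0.5 DST=192.168.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4712 DF PROTO=TCP SPT=51235 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
Apr 28 10:15:03 fw kernel: IN= OUT=eth0 SRC=192.168.0.1 DST=192.0.2.53 LEN=71 TOS=0x00 PREC=0x00 TTL=64 ID=1200 DF PROTO=UDP SPT=40000 DPT=53 LEN=51
Apr 28 10:15:04 fw kernel: IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:03:08:00 SRC=192.168.0.7 DST=192.168.0.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7 SEQ=1
Apr 28 10:15:05 fw sshd[812]: Server listening on 0.0.0.0 port 22.
EOF
}

summarize_iptables_log() {
  awk '
    # Only lines carrying the LOG target fields are considered.
    /IN=/ && /SRC=/ && /PROTO=/ {
      in_if = "-"; out_if = "-"; src = "-"; proto = "-"; dpt = "-"
      for (i = 1; i <= NF; i++) {
        # ICMP error entries embed the offending packet header in [ ]; stop there.
        if ($i ~ /^\[SRC=/) break
        eq = index($i, "=")
        if (eq == 0) continue            # date fields and bare flags (DF, SYN)
        key = substr($i, 1, eq - 1)
        val = substr($i, eq + 1)
        if (val == "") val = "-"         # e.g. "OUT=" on an inbound packet
        if (key == "IN") in_if = val
        else if (key == "OUT") out_if = val
        else if (key == "SRC") src = val
        else if (key == "PROTO") proto = val
        else if (key == "DPT") dpt = val # absent for ICMP, stays "-"
      }
      count[in_if " " out_if " " src " " proto " " dpt]++
    }
    END { for (k in count) print count[k], k }
  ' | LC_ALL=C sort -k1,1nr -k2
}

# Demo on the constructed sample; on a real system feed it the log file instead.
sample_log | summarize_iptables_log
```

On a live system, run `summarize_iptables_log < /var/log/messages` as root after defining the function.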


Tags: iptables, linux

Comments

  1. Satyajith Bhat says

    May 24, 2011 at 11:12 pm

    Good article.

    Is the number of attempts tracked against a time frame? For example, lock out the user if 3 incorrect login attempts have been made within 15 mins? Or is this independent of the time frame?

    • A.Jesin says

      May 25, 2011 at 9:25 pm

      Thanks for the comment, Satyajith. I think your question is related to the article Linux password lockout policy. No, it is not within a time frame; the unlock time we specify is the duration for which the user's account will remain locked.

  2. Maheswaran says

    September 19, 2016 at 8:18 am

    Hi, how are you?

    Now I am a desktop support engineer, and I also know the basics of Windows Server. But my interest is in Linux; I don't know about Linux and don't have experience in Linux. Now can I do Red Hat certification or Windows certification?

  3. prashant says

    September 22, 2016 at 10:54 am

    If I want to block LOG for a specific network like 192.168.0.0/24.
    Actually I have set the rules
    #iptables -A INPUT -j LOG
    #iptables -A FORWARD -j LOG
    but I want to block LOG for my home network, so what do I do?

    Jesin's Blog by Jesin A is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
    Based on a work at websistent.com.