CentOS 6 下单独记录 iptables 日志
2016-07-03 11:39
501 查看
1. First, add a new chain with a reasonable name:
iptables -N LOGGING
2. Next, insert a rule at the appropriate point (hence me using
iptables -I INPUT 5 -j LOGGING
3. Add the actual logging rule next
iptables -A LOGGING -j LOG --log-prefix "DROP: " --log-level 7
iptables -A LOGGING -j DROP
service iptables save
service iptables restart
4. vi /etc/rsyslog.conf
kern.debug /var/log/iptables.log
service rsyslog restart
5. vi /etc/logrotate.d/syslog
add /var/log/iptables.log to list of filenames
iptables -N LOGGING
2. Next, insert a rule at the appropriate point (hence me using
--line-numbersabove). You could replace the existing
REJECTat line 5 in its entirety as its functionality will be moved into the
LOGGINGchain (where I change it to a
DROPanyway):
iptables -I INPUT 5 -j LOGGING
3. Add the actual logging rule next
iptables -A LOGGING -j LOG --log-prefix "DROP: " --log-level 7
iptables -A LOGGING -j DROP
service iptables save
service iptables restart
4. vi /etc/rsyslog.conf
kern.debug /var/log/iptables.log
service rsyslog restart
5. vi /etc/logrotate.d/syslog
add /var/log/iptables.log to list of filenames
相关文章推荐
- Linux下主机充当防火墙的巧妙应用之iptables
- MySQL Server 日志
- 使用linux构建一台路由器
- 系统管理员需知的 16 个 iptables 使用技巧
- MSSQL 2005 LOG备份webshell的方法
- 使用MySQL Slow Log来解决MySQL CPU占用高的问题
- 清理SQL Server 2008日志文件Cannot shrink log file 2 的解决方案
- Android系统开发中log的使用方法及简单的原理
- iptables做策略屏蔽QQ与MSN
- android杂记:C++文件的添加log方法分享
- Nginx+iptables屏蔽访问Web页面过于频繁的IP(防DDOS,恶意访问,采集器)
- Shell脚本实现监控iptables规则是否被修改
- 提取oralce当天的alert log的shell脚本代码
- mysql正确安全清空在线慢查询日志slow log的流程分享
- PHP error_log()将错误信息写入一个文件(定义和用法)
- 修改iptables防火墙规则解决vsftp登录后不显示文件目录的问题
- 一键配置CentOS iptables防火墙的Shell脚本分享
- Apache启动错误Permission denied: httpd: could not open error log file解决方法
- Android开发笔记之:Log图文详解(Log.v,Log.d,Log.i,Log.w,Log.e)
- Android编程之基于Log演示一个activity生命周期实例详解