-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 A long time ago, in a galaxy far, far way, someone said...
> How do i get iptables to log packets that it DROPs? No way directly. When I need log packets I use two nearly identical iptables statements, like so when I block outgoing NetBIOS packets: iptables -A OUTPUT -p tcp --dport 137:139 -j LOG iptables -A OUTPUT -p tcp --dport 137:139 -j DENY iptables -A OUTPUT -p udp --dport 137:139 -j LOG iptables -A OUTPUT -p udp --dport 137:139 -j DENY - -- - ---------------------------------------------------------------------- Phil Brutsche [EMAIL PROTECTED] GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D 7E5E FD94 D264 50DE 1CFC GPG key id: 50DE1CFC GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Made with pgp4pine iD8DBQE7V7Be/ZTSZFDeHPwRArooAJ0eMJr+Z+OzZvAA7NyGD0ILm4pyeQCfZVxx SRE9XROc4evt2ujARf3fALI= =bGCn -----END PGP SIGNATURE-----
