Not sure if this has been answered yet.  To log in real time what is going on with 
ipchains simply add a --log to each and every rule you want logged.

Make sure to restart ipchains after making the change to your rules.  Then do a "tail 
-f /var/log/messages".  Tail will actively show what is going on at the bottom of this 
log file.  Any packets rejected by your ipchains rules will pop up in the log file.

Works Great!


---
Make sure in your syslog.conf file that your ipchains is logging to
/var/log/messages.  I'm not too familiar with ipchains but most
applications have configuration files in which one can change the
logging of the application.  If you find that ipchains is logging to
local7 per se, make sure your syslog is set up to accept this logging.

Once you know what file ipchains logs to, I would write a little startup
script that does the following:

tail -f /var/log/messages | mail -s "subject" you@youremailaddress

This will mail some address with everything coming across your firewall.

-Chris

> -----Original Message-----
> From: BG [mailto:[EMAIL PROTECTED]] 
> Sent: Tuesday, April 23, 2002 12:40 PM
> To: [EMAIL PROTECTED]
> Subject: RE: IPchains logging?
> 
> 
> Hi,
> 
> I ran the tail command, but all I get is a blank screen, even 
> when accessing the machine remotely.  Is there something wrong?
> 
> TIA,
> Bill
> 
> > -----Original Message-----
> > From: [EMAIL PROTECTED] 
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Jim Cunning
> > Sent: Tuesday, April 23, 2002 9:08 AM
> > To: [EMAIL PROTECTED]
> > Subject: Re: IPchains logging?
> >
> >
> > On Tue, 23 Apr 2002, BG wrote:
> >
> > > My firewall currently uses ipchains.  I would like to log or
> > > possibly monitor in real time what is being accepted and rejected.
> > > How can I do that?
> >
> > Assuming you already have the rules you want logged defined in your
> > ipchains, the command "tail -f /var/log/messages | grep 'Packet log:'"
> > will continuously run and display only lines logged by ipchains filter
> > rules.  Enter ^C when you've seen enough.
> >
> > Jim
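
The "Packet log:" filter from the thread can be taken one step further by counting matches per chain, verdict, protocol, source and destination port. This is an added example, not part of any poster's message; it assumes the 2.2-kernel ipchains log layout (the thread shows no log line), the sample lines are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: summarize ipchains "Packet log:" lines from a syslog file.
# Assumed line layout (2.2-kernel ipchains):
#   ... Packet log: <chain> <verdict> <iface> PROTO=<n> <src>:<port> <dst>:<port> L=.. ...
# For ICMP (PROTO=1) the two "port" fields carry the ICMP type and code instead.

summarize_packet_log() {
    awk '
    {
        pos = index($0, "Packet log: ")
        if (pos == 0) next                          # not an ipchains line
        n = split(substr($0, pos + 12), f, " ")     # 12 = length of the marker
        if (n < 6 || f[4] !~ /^PROTO=/) {           # truncated or unexpected line
            bad++
            next
        }
        proto = substr(f[4], 7)                     # text after "PROTO="
        src = f[5];   sub(/:[^:]*$/, "", src)       # keep address, drop port
        dport = f[6]; sub(/^.*:/, "", dport)        # keep port, drop address
        count[f[1] " " f[2] " proto=" proto " src=" src " dport=" dport]++
    }
    END {
        for (k in count) printf "%d %s\n", count[k], k
        if (bad) printf "%d malformed Packet log lines skipped\n", bad > "/dev/stderr"
    }' | LC_ALL=C sort -k1,1nr -k2
}

# Constructed sample input (documentation addresses), not real traffic.
sample_log() {
    cat <<'EOF'
Apr 23 12:40:01 fw kernel: Packet log: input DENY eth0 PROTO=6 203.0.113.7:4021 192.0.2.10:23 L=60 S=0x00 I=4113 F=0x4000 T=52 SYN (#4)
Apr 23 12:40:03 fw kernel: Packet log: input DENY eth0 PROTO=6 203.0.113.7:4022 192.0.2.10:23 L=60 S=0x00 I=4114 F=0x4000 T=52 SYN (#4)
Apr 23 12:40:05 fw sshd[812]: Accepted password for bill from 192.0.2.50
Apr 23 12:40:09 fw kernel: Packet log: input ACCEPT eth0 PROTO=17 198.51.100.9:53 192.0.2.10:1025 L=34 S=0x00 I=18 F=0x0000 T=254 (#2)
EOF
}

# Demo run on the sample; on a real host: summarize_packet_log < /var/log/messages
sample_log | summarize_packet_log
```

Because the counts are printed only at end of input, this is meant for a finished file or a time-bounded extract rather than a live "tail -f" stream.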


_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
