Results 1 to 14 of 14
  1. #1
    Join Date
    Oct 2012
    Posts
    33

    iptables logging doesn't work

    Hello everyone,

    I want to log UDP flood attacks on my virtual server so I decided to use iptables logging so I can find the attacker ip and ban it using APF.

    So I'm using that rule to make sure if iptables works:

    Code:
    iptables -A INPUT -j LOG --log-prefix "iptables log: " --log-level 4
    But it doesn't save anything to log files. I append "kern.* /var/log/iptables.log" to syslog.conf and restarted the syslog deamon but still doesn't log anything.

    Please help me about this. Am I missing a point?

  2. #2
    Join Date
    Nov 2013
    Posts
    97
    Did you created a chain for the logging?

  3. #3
    Join Date
    Dec 2007
    Location
    LocalHost
    Posts
    1,303
    May be you are missing save >> restart iptables.
    YagHost - Pure SSD Hosting | Since 2007 | Average Response Time: 15 min
    Web Hosting | Reseller Hosting | Managed VPS Hosting
    99.9% Server Uptime Guarantee | 24/7 Rapid Response Tech Support | 30 Day Money Back Guarantee
    LopHost.com - Web Hosting Tutorials

  4. #4
    Join Date
    Nov 2013
    Posts
    97
    no you need to create a chain for logging. You cannot just log directly from the INPUT chain.

    try these commands:

    Code:
    iptables -N LOGGING
    iptables -A INPUT -j LOGGING
    iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables-Dropped: " --log-level 4
    iptables -A LOGGING -j DROP

  5. #5
    Join Date
    Oct 2012
    Posts
    33
    Quote Originally Posted by Natcoweb-Peter View Post
    no you need to create a chain for logging. You cannot just log directly from the INPUT chain.

    try these commands:

    Code:
    iptables -N LOGGING
    iptables -A INPUT -j LOGGING
    iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables-Dropped: " --log-level 4
    iptables -A LOGGING -j DROP
    I tried the commands above but still it doesn't log anything. Am I doing wrong with the syslog.conf? Here take a look at it.

    Code:
    # Log all kernel messages to the console.
    # Logging much else clutters up the screen.
    #kern.*							/dev/console
    
    # Log anything (except mail) of level info or higher.
    # Don't log private authentication messages!
    *.info;mail.none;authpriv.none;cron.none		/var/log/messages
    
    # The authpriv file has restricted access.
    authpriv.*						/var/log/secure
    
    # Log all the mail messages in one place.
    mail.*							-/var/log/maillog
    
    
    # Log cron stuff
    cron.*							/var/log/cron
    
    # Everybody gets emergency messages
    *.emerg							*
    
    # Save news errors of level crit and higher in a special file.
    uucp,news.crit						/var/log/spooler
    
    # Save boot messages also to boot.log
    local7.*						/var/log/boot.log
    kern.warning /var/log/iptables.log

  6. #6
    Join Date
    Nov 2013
    Posts
    97
    can I have a look at the iptables -vnL?

  7. #7
    Join Date
    Oct 2012
    Posts
    33
    Quote Originally Posted by Natcoweb-Peter View Post
    can I have a look at the iptables -vnL?
    APF is enabled. No logging rule in it. Here take this.

    Code:
    Chain INPUT (policy ACCEPT 3538 packets, 287K bytes)
     pkts bytes target     prot opt in     out     source               destination         
     1624  274K ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
        0     0 DROP       all  --  venet0 *       100.64.0.0/10        0.0.0.0/0           
        0     0 DROP       all  --  venet0 *       127.0.0.0/8          0.0.0.0/0           
        0     0 DROP       all  --  venet0 *       169.254.0.0/16       0.0.0.0/0           
        0     0 DROP       all  --  venet0 *       192.0.0.0/24         0.0.0.0/0           
        0     0 DROP       all  --  venet0 *       192.0.2.0/24         0.0.0.0/0           
        0     0 DROP       all  --  venet0 *       198.18.0.0/15        0.0.0.0/0           
        0     0 DROP       all  --  venet0 *       198.51.100.0/24      0.0.0.0/0           
        0     0 DROP       all  --  venet0 *       203.0.113.0/24       0.0.0.0/0           
        0     0 DROP       all  --  venet0 *       224.0.0.0/4          0.0.0.0/0           
        0     0 DROP       all  --  venet0 *       240.0.0.0/4          0.0.0.0/0           
     356K   29M REFRESH_TEMP  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     356K   29M TALLOW     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     356K   29M TDENY      all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     356K   29M TGALLOW    all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     356K   29M TGDENY     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpts:135:139 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpts:135:139 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:111 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:111 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:513 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:513 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:520 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:520 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:445 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:445 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1433 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1433 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1434 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1434 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1234 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1234 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1524 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1524 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:3127 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:3127 
     354K   29M IN_SANITY  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     354K   29M FRAG_UDP   all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     354K   29M PZERO      all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     353K   28M P2P        all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     353K   28M TELNET_LOG  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     353K   28M SSH_LOG    all  --  *      *       0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:21 
      138 12476 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:22 
     1073 94194 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80 
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:3306 
        8   586 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:53 
     352K   28M ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:7777 
        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 3 limit: avg 30/sec burst 5 
        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 5 limit: avg 30/sec burst 5 
        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 11 limit: avg 30/sec burst 5 
        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 0 limit: avg 30/sec burst 5 
        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 30 limit: avg 30/sec burst 5 
        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 8 limit: avg 30/sec burst 5 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 state NEW 
       25  2350 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
       37  3472 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
        0     0 ACCEPT     udp  --  *      *       8.8.8.8              0.0.0.0/0           udp spt:53 dpts:1023:65535 
        0     0 ACCEPT     tcp  --  *      *       8.8.8.8              0.0.0.0/0           tcp spt:53 dpts:1023:65535 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:53 dpts:1023:65535 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:53 dpts:1023:65535 
        0     0 ACCEPT     udp  --  *      *       8.8.4.4              0.0.0.0/0           udp spt:53 dpts:1023:65535 
        0     0 ACCEPT     tcp  --  *      *       8.8.4.4              0.0.0.0/0           tcp spt:53 dpts:1023:65535 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:53 dpts:1023:65535 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:53 dpts:1023:65535 
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1023:65535 dpt:21 state RELATED,ESTABLISHED 
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 21,20 state RELATED,ESTABLISHED 
        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 21,20 state RELATED,ESTABLISHED 
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:22 dpts:513:65535 state RELATED,ESTABLISHED 
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65535 dpt:22 flags:0x17/0x02 state RELATED,ESTABLISHED 
        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:22 state ESTABLISHED 
        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW udp dpts:33434:33534 
        7   352 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** IN_TCP DROP ** ' 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** IN_UDP DROP ** ' 
        7   352 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           
        0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    
    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
    
    Chain OUTPUT (policy ACCEPT 2763 packets, 407K bytes)
     pkts bytes target     prot opt in     out     source               destination         
     1624  274K ACCEPT     all  --  *      lo      0.0.0.0/0            0.0.0.0/0           
      141  6884 TCPMSS     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x06/0x02 TCPMSS clamp to PMTU 
        0     0 DROP       all  --  *      venet0  0.0.0.0/0            100.64.0.0/10       
        0     0 DROP       all  --  *      venet0  0.0.0.0/0            127.0.0.0/8         
        0     0 DROP       all  --  *      venet0  0.0.0.0/0            169.254.0.0/16      
        0     0 DROP       all  --  *      venet0  0.0.0.0/0            192.0.0.0/24        
        0     0 DROP       all  --  *      venet0  0.0.0.0/0            192.0.2.0/24        
        0     0 DROP       all  --  *      venet0  0.0.0.0/0            198.18.0.0/15       
        0     0 DROP       all  --  *      venet0  0.0.0.0/0            198.51.100.0/24     
        0     0 DROP       all  --  *      venet0  0.0.0.0/0            203.0.113.0/24      
        0     0 DROP       all  --  *      venet0  0.0.0.0/0            224.0.0.0/4         
        0     0 DROP       all  --  *      venet0  0.0.0.0/0            240.0.0.0/4         
     335K   36M REFRESH_TEMP  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     335K   36M TALLOW     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     335K   36M TDENY      all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     335K   36M TGALLOW    all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     335K   36M TGDENY     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpts:135:139 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpts:135:139 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:111 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:111 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:513 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:513 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:520 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:520 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:445 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:445 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1433 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1433 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1434 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1434 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1234 
        1   137 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1234 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1524 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1524 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:3127 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:3127 
     334K   36M OUT_SANITY  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     334K   36M FRAG_UDP   all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     334K   36M PZERO      all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     333K   36M P2P        all  --  *      *       0.0.0.0/0            0.0.0.0/0           
     1615 1596K ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpts:1024:65535 state RELATED,ESTABLISHED 
     331K   35M ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpts:1024:65535 state RELATED,ESTABLISHED 
       36  2350 ACCEPT     udp  --  *      *       0.0.0.0/0            8.8.8.8             udp spts:1023:65535 dpt:53 
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            8.8.8.8             tcp spts:1023:65535 dpt:53 
        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            8.8.8.8             udp spts:1023:65535 dpt:53 
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            8.8.8.8             tcp spts:1023:65535 dpt:53 
        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            8.8.4.4             udp spts:1023:65535 dpt:53 
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            8.8.4.4             tcp spts:1023:65535 dpt:53 
        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            8.8.4.4             udp spts:1023:65535 dpt:53 
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            8.8.4.4             tcp spts:1023:65535 dpt:53 
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:21 dpts:1023:65535 state RELATED,ESTABLISHED 
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 21,20 state RELATED,ESTABLISHED 
        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 21,20 state RELATED,ESTABLISHED 
        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW udp dpts:33434:33534 
       25  1940 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    
    Chain FRAG_UDP (2 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 LOG        udp  -f  *      *       0.0.0.0/0            0.0.0.0/0           limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** UDP Frag ** ' 
        0     0 DROP       udp  -f  *      *       0.0.0.0/0            0.0.0.0/0           
    
    Chain IN_SANITY (1 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x00 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x00 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x03/0x03 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x03/0x03 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x06/0x06 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x06/0x06 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x05/0x05 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x05/0x05 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x11/0x01 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x11/0x01 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x30/0x20 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x30/0x20 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x18/0x08 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x18/0x08 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x29 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x29 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x37 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x37 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x3F limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x3F 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x01 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x01 
    
    Chain OUT_SANITY (1 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x00 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x00 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x03/0x03 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x03/0x03 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x06/0x06 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x06/0x06 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x05/0x05 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x05/0x05 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x11/0x01 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x11/0x01 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x18/0x08 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x18/0x08 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x30/0x20 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** SANITY ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x30/0x20 
    
    Chain P2P (2 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65534 dpt:1214 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:1214 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:1214 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:1214 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:1214 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:1214 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:1214 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:1214 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65534 dpt:2323 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:2323 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:2323 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:2323 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:2323 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:2323 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:2323 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:2323 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65534 dpts:4660:4678 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65534 dpts:4660:4678 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:4660:4678 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:4660:4678 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpts:4660:4678 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpts:4660:4678 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:4660:4678 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:4660:4678 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65534 dpt:6257 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:6257 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:6257 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:6257 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:6257 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:6257 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:6257 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:6257 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65534 dpt:6699 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:6699 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:6699 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:6699 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:6699 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:6699 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:6699 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:6699 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65534 dpt:6346 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:6346 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:6346 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:6346 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:6346 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:6346 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:6346 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:6346 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65534 dpt:6347 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:6347 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:6347 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:6347 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:6347 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:6347 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:6347 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:6347 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65534 dpts:6881:6889 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65534 dpts:6881:6889 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:6881:6889 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:6881:6889 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpts:6881:6889 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpts:6881:6889 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:6881:6889 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:6881:6889 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65534 dpt:6346 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:6346 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:6346 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:6346 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:6346 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:6346 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:6346 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:6346 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spts:1024:65534 dpt:7778 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:7778 reject-with icmp-port-unreachable 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:7778 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:7778 dpts:1024:65534 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:7778 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spts:1024:65534 dpt:7778 reject-with icmp-port-unreachable 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:7778 dpts:1024:65534 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** P2P ** ' 
        0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:7778 dpts:1024:65534 reject-with icmp-port-unreachable 
    
    Chain PROHIBIT (0 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 
    
    Chain PZERO (2 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:0 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** Port Zero ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:0 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:0 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** Port Zero ** ' 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:0 
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:0 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** Port Zero ** ' 
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp spt:0 
        0     0 LOG        udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:0 limit: avg 30/min burst 5 LOG flags 0 level 7 prefix `** Port Zero ** ' 
        0     0 DROP       udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp spt:0 
    
    Chain REFRESH_TEMP (2 references)
     pkts bytes target     prot opt in     out     source               destination         
    
    Chain RESET (0 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with tcp-reset 
    
    Chain SSH_LOG (1 references)
     pkts bytes target     prot opt in     out     source               destination         
        2   100 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:22 state NEW LOG flags 0 level 7 prefix `** SSH ** ' 
    
    Chain TALLOW (2 references)
     pkts bytes target     prot opt in     out     source               destination         
    
    Chain TDENY (2 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 DROP       all  --  *      *       178.211.40.73        0.0.0.0/0           
        0     0 DROP       all  --  *      *       0.0.0.0/0            178.211.40.73       
    
    Chain TELNET_LOG (1 references)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:23 state NEW LOG flags 0 level 7 prefix `** TELNET ** ' 
    
    Chain TGALLOW (2 references)
     pkts bytes target     prot opt in     out     source               destination         
    
    Chain TGDENY (2 references)
     pkts bytes target     prot opt in     out     source               destination

  8. #8
    Join Date
    Nov 2013
    Posts
    97
    I don't see any chain for LOGGING. have you restarted the iptables?

  9. #9
    Join Date
    Oct 2012
    Posts
    33
    Quote Originally Posted by Natcoweb-Peter View Post
    I don't see any chain for LOGGING. have you restarted the iptables?

    I did disabled APF and add the rules you submitted but didn't work.

  10. #10
    Join Date
    Oct 2012
    Posts
    33
    Any help here?

  11. #11
    Join Date
    Nov 2013
    Posts
    97
    Maybe this would give you a help.

  12. #12
    Join Date
    Oct 2012
    Posts
    33
    I solved the issue.

    Starting the kernel log solved the issue. If anyone has the same issue, just PM me and we'll figure it out.

  13. #13
    Join Date
    Dec 2011
    Location
    Germany
    Posts
    1,154
    What do you mean by "Starting the kernel log solved the issue."? Restarting your syslogd? It would be useful if you'd explain in detailed how you resolved the issue, so other users and even visitors with the a similar issue can find a solution in here.
    Inbound Marketing & real SEO for web hosting providers
    ✎ Get in touch with me: co<at>infinitnet.de

  14. #14
    Join Date
    Oct 2012
    Posts
    33
    Quote Originally Posted by infinitnet View Post
    What do you mean by "Starting the kernel log solved the issue."? Restarting your syslogd? It would be useful if you'd explain in detailed how you resolved the issue, so other users and even visitors with the a similar issue can find a solution in here.
    OK then. When I do "service syslogd restart" it was saying PASSED for the kernel logging but OK for system logging. So I opened /etc/init.d/syslog and edited it to start kernel logging too and now everything is working well.

Similar Threads

  1. Problem with iptables logging on OpenVZ
    By rezilient in forum VPS Hosting
    Replies: 1
    Last Post: 06-23-2010, 12:02 AM
  2. *Linux IPTables Logging Packets on a Certain Port*
    By TomBoy123 in forum Hosting Security and Technology
    Replies: 3
    Last Post: 08-05-2008, 07:13 AM
  3. after flush+zero iptables, will a new iptables ban work?
    By Tertsi in forum Hosting Security and Technology
    Replies: 2
    Last Post: 01-06-2008, 12:04 AM
  4. [Debian] Iptables doesn't start at boot
    By qante in forum Hosting Security and Technology
    Replies: 3
    Last Post: 07-28-2005, 03:15 PM
  5. Why doesn't this iptables forward work?
    By pmak0 in forum Hosting Security and Technology
    Replies: 0
    Last Post: 03-17-2003, 05:00 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •