[techtalk] ipchains logs and nmap audit (fwd)
Beverly Guillermo
mezanin at home.com
Sun Jan 23 01:37:02 EST 2000
I was looking at the ipchains manpage and I got this about the option that
you're using.
-l, --log
Turn on kernel logging of matching packets. When
this option is set for a rule, the Linux kernel
will print some information of all matching packets
(like most IP header fields) via printk().
What exactly is printk()? I haven't found any information about that
particular function.
Beverly
On Sat, 22 Jan 2000, Subba Rao wrote:
>
> I have several ipchain rules. One of them is:
>
> ipchains -A input -i ppp0 -p TCP --destination-port 21 -l -j DENY
>
> Why are these ipchains not doing any logging? I do have the -l option
> invoked for logging. The packet is supposed to be denied at the IP level
> and then logged into syslog. When I try to connect from another address to
> the IP address of the ppp0 interface, nothing gets logged. Instead, the tcplogd daemon
> captures it into the log. tcplogd is an application level filter and not at IP level.
> Why is this ipchains rule (and others) not getting logged?
>
> The kernel is 2.2.14.
>
> None of the connections to the services are getting logged by ipchains filters.
>
> I have used nmap on the ppp0 interface and yet it is not getting logged.
>
> How are you auditing your services on the ppp0 interface? What options in ipchains
> are you using to do the logging?
>
> Thank you in advance.
>
> Subba Rao
> subb3 at attglobal.net
> http://pws.prserv.net/truemax/
>
> => Time is relative. Here is a new way to look at time. <=
> http://www.smcinnovations.com
>
>
> ************
> techtalk at linuxchix.org http://www.linuxchix.org
>
-----------------------------------------------------------------
bguill at home.com http://members.home.com/bguill/
************
techtalk at linuxchix.org http://www.linuxchix.org
More information about the Techtalk
mailing list