[Nelug] Re: [general] iptables doing unwanted logging
james.barton at blueyonder.co.uk
Tue Aug 12 14:32:00 UTC 2003
Chris Burton said:
>> Now I think they should have been caught by this rule (the variables for
>> the name and the IP address do have the right values):
>> $IPTABLES -A INPUT -i $EXTERNAL_IF_1 -p TCP -s $ANYWHERE -d
>> --dport 20:24 -j ACCEPT
>> and hence not logged. What have I missed?
> You have these lines ..
> #echo -e "Denying UDP, except DNS."
> $IPTABLES -A INPUT -i $EXTERNAL_IF_1 -j LOG
> Which might be catching it, I haven't looked too close but that's a first
Dead right, thanks Chris. Might have worked it out if I'd grepped for
'LOG' instead of 'log', or thought that SSH might be over UDP. Silly me.
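
An added example, not part of the original thread: a shell function that lists the active `-j LOG` rules in a firewall script that carry no `-p` match, which is the kind of rule pointed out above. The function names and the sample script are constructed for illustration.

```shell
#!/bin/sh
# Added example: find LOG rules that are not restricted to one protocol.

# find_broad_log_rules FILE
# Prints "LINE:RULE" for every uncommented rule that jumps to LOG and has
# no -p/--protocol match, so it logs all protocols reaching that chain.
find_broad_log_rules() {
    awk '
        /^[[:space:]]*#/ { next }    # ignore commented-out lines
        {
            is_log = 0; has_proto = 0
            for (i = 1; i <= NF; i++) {
                # The target name is upper-case, which a case-sensitive
                # search for "log" does not match.
                if (($i == "-j" || $i == "--jump") && $(i + 1) == "LOG") is_log = 1
                if ($i == "-p" || $i == "--protocol") has_proto = 1
            }
            if (is_log && !has_proto) printf "%d:%s\n", NR, $0
        }
    ' "$1"
}

# write_sample FILE
# Writes a constructed firewall fragment modelled on the rules quoted above.
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample, not the poster's real script
$IPTABLES -A INPUT -i $EXTERNAL_IF_1 -p TCP -s $ANYWHERE --dport 20:24 -j ACCEPT
#echo -e "Denying UDP, except DNS."
$IPTABLES -A INPUT -i $EXTERNAL_IF_1 -j LOG
$IPTABLES -A INPUT -i $EXTERNAL_IF_1 -p UDP -j LOG
#$IPTABLES -A INPUT -j LOG
EOF
}

# Demo run on the constructed sample.
sample=$(mktemp)
write_sample "$sample"
find_broad_log_rules "$sample"
rm -f "$sample"
```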