ipchains logs and nmap audit
Derek Martin
dmartin at ne.arris-i.com
Mon Jan 24 01:31:35 EST 2000
On Sat, 22 Jan 2000, Subba Rao wrote:
>
> I have several ipchain rules. One of them is:
>
> ipchains -A input -i ppp0 -p TCP --destination-port 21 -l -j DENY
>
> Why are these ipchains not doing any logging? I do have the -l option

The most likely answer is that the packet you are watching is matching
another rule earlier in the chain. The rules are checked in the order
they are appended, and stop once a match is found...

I'll bet if you put this at the beginning of the chain, you'll see it get
logged. Order IS important!
--
"Quis custodiet ipsos custodes?" "Who watches the watchmen?"
-Juvenal, Satires, VI, 347
Derek D. Martin | Senior UNIX Systems/Network Administrator
Arris Interactive | A Nortel Company
derekm at mediaone.net | dmartin at ne.arris-i.com
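
The first-match behaviour described in the reply above, as an added example that is not part of the original post: a small Python model of a subset of ipchains matching (interface, protocol, one numeric destination port) that reports which rule a packet hits and which rules are hidden by earlier ones. The broad earlier rule and the sample packet are constructed; only the port 21 rule comes from the thread.

```python
import argparse
import shlex

FIELDS = ("iface", "proto", "dport")

# Parser for the subset of ipchains options used in the thread (assumption:
# one numeric port, no ranges, negation or address matches).
_p = argparse.ArgumentParser(prog="ipchains", add_help=False)
_p.add_argument("-A", dest="chain")
_p.add_argument("-i", dest="iface")
_p.add_argument("-p", dest="proto", type=str.lower)
_p.add_argument("--destination-port", dest="dport", type=int)
_p.add_argument("-l", dest="log", action="store_true")
_p.add_argument("-j", dest="target")

def parse_rule(line):
    return _p.parse_args(shlex.split(line)[1:])

def first_match(rules, pkt):
    """Return (1-based position, rule) of the first rule matching pkt, or None."""
    for n, rule in enumerate(rules, 1):
        # A field the rule leaves unset matches any value.
        if all(getattr(rule, k) in (None, pkt[k]) for k in FIELDS):
            return n, rule
    return None

def covers(a, b):
    """True if every packet that matches rule b also matches rule a."""
    return all(getattr(a, k) in (None, getattr(b, k)) for k in FIELDS)

def shadowed(rules):
    """(later, earlier) positions where an earlier rule hides a later one."""
    return [(j, i) for j, b in enumerate(rules, 1)
            for i, a in enumerate(rules[:j - 1], 1) if covers(a, b)]

# Constructed chain: a broad DENY without -l appended before the thread's rule.
BROAD_FIRST = [
    "ipchains -A input -i ppp0 -p TCP -j DENY",
    "ipchains -A input -i ppp0 -p TCP --destination-port 21 -l -j DENY",
]
PKT = {"iface": "ppp0", "proto": "tcp", "dport": 21}  # constructed FTP probe

if __name__ == "__main__":
    for name, lines in (("broad first", BROAD_FIRST), ("log rule first", BROAD_FIRST[::-1])):
        rules = [parse_rule(l) for l in lines]
        pos, rule = first_match(rules, PKT)
        print(f"{name}: rule {pos} matched, logged={rule.log}, shadowed={shadowed(rules)}")
```

A non-empty `shadowed` result is the audit signal: the later rule, including its `-l`, can never fire for any packet.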