Hi There,
I'm having an issue on a VPS with Ubuntu 16.04. I've set up a couple of basic iptables rules and they are working, the only thing not working is that the logging does not write to a specific file, the output of the log rules is visible in the #dmesg .
Uname -a:
Code:
Linux xxxxxx.stratoserver.net 4.4.0-042stab113.21 #1 SMP Wed Mar 23 11:05:25 MSK 2016 x86_64 x86_64 x86_64 GNU/Linux
Code:
# Generated by iptables-save v1.6.0 on Thu Aug 11 10:24:51 2016 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [164:23958] :LOGNDROP - [0:0] :PGOWEB - [0:0] -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -s 1.2.3.4/32 -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -s 1.2.3.5/32 -p tcp -m tcp --dport 22 -j ACCEPT #-A INPUT -s 1.2.3.4/32 -p icmp -j ACCEPT -A INPUT -s 1.2.3.5/32 -p icmp -j ACCEPT -A INPUT -p tcp -m tcp --dport 8000 -j PGOWEB -A INPUT -j LOGNDROP -A LOGNDROP -p tcp -m limit --limit 5/min -j LOG --log-prefix "iptables Denied TCP: " --log-level 7 -A LOGNDROP -p udp -m limit --limit 5/min -j LOG --log-prefix "iptables Denied UDP: " --log-level 7 -A LOGNDROP -p icmp -m limit --limit 5/min -j LOG --log-prefix "iptables Denied ICMP: " --log-level 7 -A LOGNDROP -j DROP -A PGOWEB -s 1.2.3.4/32 -j ACCEPT -A PGOWEB -s 1.2.3.5/32 -j ACCEPT -A PGOWEB -j LOGNDROP COMMIT # Completed on Thu Aug 11 10:24:51 2016
Code:
if ( $msg contains 'iptables Denied ' )
then {
/var/log/10-iptables.log
stop
}
I can confirm on a non VPS machine that this configuration is working and the file is being created and written to.
I can't seem to figure out why this is not working on the vps, any help would be great!
[server] VPS Ubuntu 16.04 - iptables logging not writing to log file
Aucun commentaire:
Enregistrer un commentaire