iptablesã§ãƒã‚°ã‚’å‡ºåŠ›ã™ã‚‹ - FAT47ã®åº•è¾ºã‚¤ãƒ³ãƒ•ãƒ©è°äº‹éŒ²

ä¸€éƒ¨ã®é€šä¿¡ã®ç–Žé€šãŒã†ã¾ãã§ããªã‹ã£ãŸã®ã§ã€iptablesã§ãƒã‚°ã‚’å‡ºåŠ›ã™ã‚‹å¿…è¦ãŒã‚ã£ãŸæ™‚ã®ä½œæ¥ãƒ¡ãƒ¢ã€‚

ã‚„ã‚‹ã“ã¨
1.iptablesã§ãƒã‚°å‡ºåŠ›è¨å®š
2.syslog.confã®ãƒã‚°å‡ºåŠ›å…ˆè¨å®š
3.ãƒã‚°ãƒ•ã‚¡ã‚¤ãƒ«ä½œæˆ
4.syslogdã®å†èµ·å‹•

1.iptablesã§ãƒã‚°å‡ºåŠ›è¨å®š

iptables -A INPUT -j LOG --log-prefix "IPTABLES_INPUT_LOG : " --log-level=info

2.syslog.confã®ãƒã‚°å‡ºåŠ›å…ˆè¨å®š

vim /etc/syslog.conf
# iptables log
*kern.debug /var/log/iptables

ã¤ã„ã§ã«/var/log/messageã«iptablesã®ãƒã‚°å‡ºã•ãªã„ã‚ˆã†ã«ã—ã¨ã
åŒã˜ãsyslog.confå†…ã®

ï¼Š.info;mail.none;news.none;authpriv.none;cron.none /var/log/messages

ã‚’â†“ã«å¤‰æ›´ï¼ˆkern.noneï¼‰ã®è¿½è¨˜

ï¼Š.info;mail.none;news.none;authpriv.none;cron.none;kern.none /var/log/messages

3.ãƒã‚°ãƒ•ã‚¡ã‚¤ãƒ«ä½œæˆ

touch /var/log/iptables
chmod 600 /var/log/iptables

4.syslogdã®å†èµ·å‹•

/etc/init.d/syslog restart

ã“ã‚Œã§/var/log/iptablesã«ãƒã‚°ã§ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚
æ¤œè¨¼ãŒçµ‚äº†ã—ãŸã‚‰ãƒã‚°å‡ºåŠ›ã‚’ã‚ªãƒ•ã«ã™ã‚‹ã®ã‚’å¿˜ã‚Œãšã«ã€‚é€šä¿¡ãŒå¤šã„ç®‡æ‰€ã ã¨ãƒ‘ãƒ•ã‚©ãƒ¼ãƒžãƒ³ã‚¹ä¸‹ãŒã‚Šã¾ã™ã€‚

ã€è¿½è¨˜ã€‘
iptablesã®è¨å®šã‚’ä¿å˜ã™ã‚‹å ´åˆ

service iptables save