* 참고 링크
https://unix.stackexchange.com/questions/423778/log-iptables-events-on-centos-7
http://flowvalue.tistory.com/2
[rsyslog 수정 (root)]
# vi /etc/rsyslog.conf
// add rule
...
#### RULES ####
...
kern.* /var/log/iptables.log
[rsyslog 재시작 (root)]
# service rsyslog restart
or
# systemctl restart rsyslog
[iptables 수정 (root)]
# vi /etc/sysconfig/iptables
*filter
...
*nat
...
-A PREROUTING ~~~
-A INPUT ~~~
-A OUTPUT ~~~
...
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: "
COMMIT
[iptables 재시작 (root)]
# systemctl restart iptables
log level - warn
iptables -A INPUT -j LOG --log-prefix "BAD_INPUT: " --log-level 4
iptables -A FORWARD -j LOG --log-prefix "BAD_FORWARD: " --log-level 4
iptables -A OUTPUT -j LOG --log-prefix "BAD_OUTPUT: " --log-level 4
log level - debug
iptables -A INPUT -j LOG --log-prefix "BAD_INPUT: " --log-level 7
iptables -A FORWARD -j LOG --log-prefix "BAD_FORWARD: " --log-level 7
iptables -A OUTPUT -j LOG --log-prefix "BAD_OUTPUT: " --log-level 7
'Programming > Server' 카테고리의 다른 글
| [Ubuntu] AWS - Ubuntu locale 한글 변경 (0) | 2019.01.14 |
|---|---|
| [Linux] expect spawn 사용 - expect eof 후 invalid command name 오휴 (0) | 2019.01.04 |
| [FCM] 서버측 UnknownHostException (0) | 2018.10.01 |
| [CentOS 7] systemd 기본 설정 (0) | 2018.09.30 |
| 크롤링 robots.txt 주의점 (0) | 2018.09.19 |