{"id":1546,"date":"2014-11-26T00:44:24","date_gmt":"2014-11-25T23:44:24","guid":{"rendered":"http:\/\/blog.techmedia.pl\/?p=1546"},"modified":"2016-01-31T16:01:21","modified_gmt":"2016-01-31T15:01:21","slug":"change-iptables-log-file","status":"publish","type":"post","link":"https:\/\/www.techmedia.pl\/blog\/change-iptables-log-file\/","title":{"rendered":"Change IPTABLES log file"},"content":{"rendered":"

Domy\u015blnie w Ubuntu 14.04 iptables loguje ruch w pliku \/var\/log\/syslog. Mo\u017cemy to zmieni\u0107 poprzez dodanie unikalnego prefiksu do regu\u0142ki iptables jak w przyk\u0142adzie poni\u017cej:<\/p>\n

iptables -A INPUT -s 192.168.0.0\/24 -i eth0 -j LOG --log-prefix='[spoofing] '<\/pre>\n
Teraz wystarczy edytowa\u0107 plik \/etc\/rsyslog.d\/20-ufw.conf<\/span> i doda\u0107 do niego odpowiedni filtr:<\/p>\n
:msg,contains,\"[spoofing] \" \/var\/log\/iptables.log<\/pre>\n
Po restarcie rsysloga poni\u017cszym poleceniem:<\/p>\n
root@server:\/# service rsyslog restart<\/strong><\/pre>\n
ca\u0142y ruch z regu\u0142ek oznaczonych jak powy\u017cej b\u0119dzie trafia\u0142 do pliku: \/var\/log\/iptables.log<\/span>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"
Domy\u015blnie w Ubuntu 14.04 iptables loguje ruch w pliku \/var\/log\/syslog. Mo\u017cemy to zmieni\u0107 poprzez dodanie unikalnego prefiksu do regu\u0142ki iptables jak w przyk\u0142adzie poni\u017cej: iptables -A INPUT -s 192.168.0.0\/24 -i eth0 -j LOG –log-prefix='[spoofing] \u201a Teraz wystarczy edytowa\u0107 plik \/etc\/rsyslog.d\/20-ufw.conf i doda\u0107 do niego odpowiedni filtr: :msg,contains,”[spoofing] ” \/var\/log\/iptables.log Po restarcie rsysloga poni\u017cszym poleceniem: root@server:\/# […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[7,4],"tags":[28,161,106],"yst_prominent_words":[],"_links":{"self":[{"href":"https:\/\/www.techmedia.pl\/blog\/wp-json\/wp\/v2\/posts\/1546"}],"collection":[{"href":"https:\/\/www.techmedia.pl\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.techmedia.pl\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.techmedia.pl\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.techmedia.pl\/blog\/wp-json\/wp\/v2\/comments?post=1546"}],"version-history":[{"count":2,"href":"https:\/\/www.techmedia.pl\/blog\/wp-json\/wp\/v2\/posts\/1546\/revisions"}],"predecessor-version":[{"id":1946,"href":"https:\/\/www.techmedia.pl\/blog\/wp-json\/wp\/v2\/posts\/1546\/revisions\/1946"}],"wp:attachment":[{"href":"https:\/\/www.techmedia.pl\/blog\/wp-json\/wp\/v2\/media?parent=1546"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.techmedia.pl\/blog\/wp-json\/wp\/v2\/categories?post=1546"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.techmedia.pl\/blog\/wp-json\/wp\/v2\/tags?post=1546"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https:\/\/www.techmedia.pl\/blog\/wp-json\/wp\/v2\/yst_prominent_words?post=1546"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}