[iptables]iptables 添加log到syslog

比如iptables本来有这么一条：

-A PREROUTING -d 125.65.27.xxx/32 -p tcp -m tcp --dport 11060 -j DNAT --to-destination 10.1.104.41:911

要将符合该条记录的封包的信息记录到syslog

需要在之前插入一条:

iptables -t nat -I PREROUTING 1 -d 125.65.27.xxx -p tcp -m tcp --dport 11060 -j LOG --log-prefix "[iptables 911:] " --log-level 7

log level 分类

log level to any level you want. The levels are, 0 emerg, 1 alert, 2 crit, 3 err, 4 warning, 5 notice, 6 info, 7 debug. You can use the number or the word in the rule.

posted @ 2014-03-26 22:10 silence.li 阅读(946) 评论(2) 编辑收藏举报

刷新页面返回顶部