I intended to log the "prefixes" from the iptables rules, but unfortunately there are no logs.
My Ubuntu:
Code:
lsb_release -a
LSB Version: core-9.20160110ubuntu5-amd64:core-9.20160110ubuntu5-noarch:security-9.20160110ubuntu5-amd64:security-9.20160110ubuntu5-noarch
Distributor ID: Ubuntu
Description: Ubuntu 16.10
Release: 16.10
Codename: yakkety
Code:
uname -mrs
Linux 4.8.0-39-generic x86_64
Code:
dpkg -l | grep iptables
ii iptables 1.6.0-3ubuntu2 amd64 administration tools for packet filtering and NAT
ii iptables-dev 1.6.0-3ubuntu2 all transitional dummy package
ii iptables-persistent 1.0.4+nmu1 all boot-time loader for netfilter rules, iptables plugin
Code:
systemctl status firewall.service
● firewall.service - Iptables firewall
Loaded: loaded (/etc/systemd/system/firewall.service; enabled; vendor preset: enabled)
Active: active (exited) since Thu 2017-05-04 15:57:45 IST; 5h 22min ago
Main PID: 336 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 4915)
Memory: 0B
CPU: 0
CGroup: /system.slice/firewall.service
Code:
dpkg -l | grep ulogd2
ii ulogd2 2.0.5-3 amd64 Netfilter Userspace Logging Daemon
Code:
[Unit]
Description=Netfilter Userspace Logging Daemon
[Service]
Type=forking
PIDFile=/run/ulog/ulogd.pid
ExecStart=/usr/sbin/ulogd --daemon --uid ulog --pidfile /run/ulog/ulogd.pid
[Install]
Alias=ulogd.service
WantedBy=multi-user.target
Code:
systemctl status ulogd2.service
● ulogd2.service - Netfilter Userspace Logging Daemon
Loaded: loaded (/lib/systemd/system/ulogd2.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2017-05-04 17:57:53 IST; 3h 20min ago
Main PID: 10523 (ulogd)
Tasks: 1 (limit: 4915)
Memory: 828.0K
CPU: 4ms
CGroup: /system.slice/ulogd2.service
└─10523 /usr/sbin/ulogd --daemon --uid ulog --pidfile /run/ulog/ulogd.pid
Code:
iptables -I INPUT -m conntrack --ctstate NEW,INVALID -j ULOG --ulog-nlgroup 32 --ulog-prefix "input1"
iptables -A INPUT -m limit --limit 5/min -j ULOG --ulog-nlgroup 32 --ulog-prefix "iptables denied" --log-level 7
iptables -I OUTPUT 1 -m conntrack --ctstate NEW,INVALID -j ULOG --ulog-nlgroup 32 --ulog-prefix "output1"
The firewall.service unit runs without errors.
In my opinion, the possible causes of the missing "prefix" logs could be:
- errors in the configuration of the iptables rules above?
- an error in the ulogd2.service configuration?
- something else?
I would be very grateful for effective help in untangling this puzzle.
PS. If anyone on this forum uses ulogd2 and has a ulogd.config file with the NFLOG plugin enabled and working, that alone would solve my problem.
Regards.
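Two facts matter for the rules quoted in the post. The ULOG target was removed from the Linux kernel in 3.17, so on a 4.8 kernel a rule with `-j ULOG` has no kernel-side target and nothing reaches ulogd; the replacement is the NFLOG target, whose `--nflog-group` must equal the `group=` of the NFLOG input stanza in `/etc/ulogd.conf`. Also, `--log-level` is an option of the LOG target, not of ULOG or NFLOG. The script below is an added example, not the poster's configuration or anything shipped with ulogd2: it emits a minimal ulogd.conf for the NFLOG plugin, the three rules rewritten for NFLOG with the same prefixes, and a check that the group numbers on both sides agree. The plugin directory is assumed to be the Debian/Ubuntu amd64 multiarch path (verify with `dpkg -L ulogd2`), and the group number 32 and log file path are taken from the post and the Debian default config.

```shell
#!/bin/sh
# Added example, not from the original post. Generates a ulogd.conf for the NFLOG
# input plugin and the matching NFLOG iptables rules, then checks that the netlink
# group the rules send to is the group the ulogd stack listens on.
# Assumptions: group 32 and the rule prefixes come from the post; the plugin
# directory is the Debian/Ubuntu amd64 multiarch path (verify with: dpkg -L ulogd2).
# Nothing here touches the running system; review the output, then write the
# config to /etc/ulogd.conf and apply the printed iptables commands.

PLUGIN_DIR=/usr/lib/x86_64-linux-gnu/ulogd
LOGFILE=/var/log/ulog/syslogemu.log

# Print a minimal ulogd.conf whose single stack reads NFLOG group $1 and writes
# syslog-style text lines (LOGEMU output) to $LOGFILE.
ulogd_conf() {
    group="$1"
    cat <<EOF
[global]
logfile="/var/log/ulog/ulogd.log"
loglevel=3
plugin="$PLUGIN_DIR/ulogd_inppkt_NFLOG.so"
plugin="$PLUGIN_DIR/ulogd_raw2packet_BASE.so"
plugin="$PLUGIN_DIR/ulogd_filter_IFINDEX.so"
plugin="$PLUGIN_DIR/ulogd_filter_IP2STR.so"
plugin="$PLUGIN_DIR/ulogd_filter_PRINTPKT.so"
plugin="$PLUGIN_DIR/ulogd_output_LOGEMU.so"

# NFLOG group -> packet decoding -> interface/IP to text -> one line per packet
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU

[log1]
group=$group

[emu1]
file="$LOGFILE"
sync=1
EOF
}

# Print the poster's three rules rewritten for the NFLOG target: --nflog-group
# replaces --ulog-nlgroup, and there is no log level option (ulogd decides that).
nflog_rules() {
    group="$1"
    cat <<EOF
iptables -I INPUT 1 -m conntrack --ctstate NEW,INVALID -j NFLOG --nflog-group $group --nflog-prefix "input1"
iptables -I OUTPUT 1 -m conntrack --ctstate NEW,INVALID -j NFLOG --nflog-group $group --nflog-prefix "output1"
iptables -A INPUT -m limit --limit 5/min -j NFLOG --nflog-group $group --nflog-prefix "iptables denied"
EOF
}

# Return 0 when the config text ($1) has a group= line and every --nflog-group
# in the rule text ($2) carries that same number; 1 otherwise.
groups_match() {
    conf_group=$(printf '%s\n' "$1" | sed -n 's/^group=//p')
    [ -n "$conf_group" ] || return 1
    for g in $(printf '%s\n' "$2" | sed -n 's/.*--nflog-group \([0-9]*\).*/\1/p'); do
        [ "$g" = "$conf_group" ] || return 1
    done
    return 0
}

# Usage: sh this_script.sh [group]  -> prints the config, the rules and the check.
main() {
    group="${1:-32}"
    conf=$(ulogd_conf "$group")
    rules=$(nflog_rules "$group")
    printf '%s\n\n%s\n' "$conf" "$rules"
    if groups_match "$conf" "$rules"; then
        echo "# ok: rules send to NFLOG group $group, ulogd listens on group $group"
    else
        echo "# mismatch between --nflog-group and [log1] group=" >&2
        return 1
    fi
}

main "$@"
```

After installing the generated config, `systemctl restart ulogd2` and watch `/var/log/ulog/syslogemu.log` while traffic hits the rules; `iptables -S INPUT` shows whether the NFLOG rules were actually loaded, which is the first thing to confirm when a firewall script reports success but the ULOG rules silently failed to insert.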