On Mon, 2005-03-07 at 20:06 +0800, Shu Hung (Koala) wrote:
> How to turn on logging of iptables?
>
> Koala
>
> Bob Chiodini wrote:
>
> >On Mon, 2005-03-07 at 12:52 +0800, Shu Hung (Koala) wrote:
> >
> >>Hello
> >>I've been working on a Samba machine for a while.
> >>Recently, I tried to turn on its firewall.
> >>But my configuration to iptables is flawed somehow -- it is half right
> >>and half wrong.
> >>
> >>Here is what I've done:
> >> - I used system-config-securitylevel to config new ports to open
> >> - I've opened ports 139:tcp, 445:tcp, 137:udp, 138:udp
> >> - I restart the iptables to load up the configs.
> >>
> >>Here is the consequence right now:
> >> - As I reboot my client PC, I cannot connect to samba shared folders --
> >>unless I stop iptables first
> >> - After I've connected to Samba once, I can connect to Samba as many
> >>times as I want to -- even if I start iptables again.
> >>
> >>I guess one more port or something is responsible for the first
> >>connection to the server.
> >>Does anybody have any idea?
> >>
> >Try turning on logging in iptables, if it's not already.
> >Check /var/log/messages to see what is being dropped, related to your
> >client.
> >
> >Bob...
>
> --
> Technical Support, DigitalOne Limited
> Tel: 8100-2616 / 2545-1383
> Fax: 2815-0593

It depends on how you set up your firewall. man iptables and search for LOG. You have to add a LOG rule before your REJECT or DROP rules.

Bob...
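
One way to place a LOG rule ahead of the REJECT/DROP rule, as an added example that is not part of the original thread: the function below patches an iptables-save style ruleset so that packets about to be rejected are logged first. The chain name `RH-Firewall-1-INPUT`, the sample rules, the log prefix and the rate limit are assumptions; check them against the actual `/etc/sysconfig/iptables` on the machine.

```shell
#!/bin/sh
# Added example: insert a LOG rule ahead of the first REJECT/DROP rule of one
# chain in an iptables-save style ruleset read from stdin.
# Usage: add_log_rule CHAIN [PREFIX] < ruleset > ruleset.new
add_log_rule() {
    awk -v chain="$1" -v prefix="${2:-FW-DROP: }" '
        # First terminating rule in the chosen chain: emit the LOG rule before it.
        !done && $1 == "-A" && $2 == chain && / -j (REJECT|DROP)( |$)/ {
            printf "-A %s -m limit --limit 5/min -j LOG --log-prefix \"%s\" --log-level 4\n", chain, prefix
            done = 1
        }
        { print }
    '
}

# Constructed sample ruleset (chain name and rules are assumptions, modelled on
# what system-config-securitylevel writes to /etc/sysconfig/iptables).
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Print the patched ruleset; review it, then load it with iptables-restore.
sample_ruleset | add_log_rule RH-Firewall-1-INPUT "FW-REJECT: "
```

Once the patched ruleset is loaded, packets that fall through to the REJECT rule appear in /var/log/messages with the chosen prefix, including the source address and destination port of the client's first connection attempt.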