I used the following configuration on my server:
iptables -F
iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -A FORWARD -j ACCEPT
iptables -A INPUT -j LOG
iptables -A OUTPUT -j LOG
iptables -A FORWARD -j LOG
After that I saved the configuration:
iptables-save > /etc/iptables/rules.v4
Now my /etc/iptables/rules.v4 looks like this:
# Generated by iptables-save v1.8.7 on Thu Nov 30 13:10:32 2023
*filter
:INPUT ACCEPT [347:25809]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [254:44644]
-A INPUT -j ACCEPT
-A INPUT -j LOG
-A FORWARD -j ACCEPT
-A FORWARD -j LOG
-A OUTPUT -j ACCEPT
-A OUTPUT -j LOG
COMMIT
# Completed on Thu Nov 30 13:10:32 2023
# Generated by iptables-save v1.8.7 on Thu Nov 30 13:10:32 2023
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed on Thu Nov 30 13:10:32 2023
I also saved it successfully with netfilter-persistent:
netfilter-persistent save
After saving, I changed /etc/rsyslog.d/50-default.conf (added /var/log/iptables.log):
# Default rules for rsyslog.
#
# For more information see rsyslog.conf(5) and /etc/rsyslog.conf
#
# First some standard log files. Log by facility.
#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
#cron.* /var/log/cron.log
#daemon.* -/var/log/daemon.log
#kern.* -/var/log/kern.log
kern.* /var/log/iptables.log
#lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
#user.* -/var/log/user.log
mail.err /var/log/mail.err
*.emerg :omusrmsg:*
Now I restarted all the services mentioned above:
systemctl restart iptables
systemctl restart netfilter-persistent
systemctl restart rsyslog
But iptables.log is still empty...
I don't understand why no packets reach the LOG target:
iptables -L -v -n
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1060 81351 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
699 83429 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4
Thanks for any reply.
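The ruleset above has each chain's LOG rule appended after an unconditional ACCEPT. ACCEPT is a terminating target, so every packet that enters the chain is accepted by the first rule and traversal stops there; LOG is non-terminating, but it never gets a chance to run. The following script is an added example, not code from the poster: it parses the iptables-save format shown in the question (the sample text embedded below is constructed from that output), flags LOG rules that sit behind a catch-all verdict and therefore can never match, and shows the chain with the LOG rule moved ahead of the ACCEPT so packets are logged and then accepted. The function names and the `TERMINATING_TARGETS` set are this example's own; the terminating/non-terminating behaviour it relies on is standard iptables semantics.

```python
# Constructed sample: the filter table from the question's /etc/iptables/rules.v4.
SAMPLE_RULES_V4 = """\
# Generated by iptables-save v1.8.7 on Thu Nov 30 13:10:32 2023
*filter
:INPUT ACCEPT [347:25809]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [254:44644]
-A INPUT -j ACCEPT
-A INPUT -j LOG
-A FORWARD -j ACCEPT
-A FORWARD -j LOG
-A OUTPUT -j ACCEPT
-A OUTPUT -j LOG
COMMIT
# Completed on Thu Nov 30 13:10:32 2023
"""

# Built-in targets that end traversal of the current chain for a matching packet.
# LOG is deliberately absent: it is non-terminating, evaluation continues after it.
TERMINATING_TARGETS = {"ACCEPT", "DROP", "REJECT", "RETURN"}


def parse_iptables_save(text):
    """Parse iptables-save output into {table: {chain: [rule, ...]}}.

    Each rule is a dict with 'matches' (tokens before -j, e.g. ['-p', 'tcp'])
    and 'target' (the jump target). Counters, comments and target options
    (such as --log-prefix) are ignored for this check.
    """
    tables, table = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("*"):                      # table header, e.g. *filter
            table = line[1:]
            tables.setdefault(table, {})
        elif line == "COMMIT":
            table = None
        elif line.startswith(":"):                    # chain declaration with policy
            tables[table].setdefault(line[1:].split()[0], [])
        elif line.startswith("-A "):                  # appended rule
            tokens = line.split()
            chain, body = tokens[1], tokens[2:]
            matches, target = body, None
            if "-j" in body:
                j = body.index("-j")
                matches, target = body[:j], body[j + 1]
            tables[table].setdefault(chain, []).append(
                {"matches": matches, "target": target})
    return tables


def unreachable_rules(rules):
    """Indices of rules no packet can reach.

    A rule with no match criteria that jumps to a terminating target
    ('-A INPUT -j ACCEPT') matches every packet and ends the chain, so
    every rule appended after it is dead, including any LOG rule.
    """
    dead, catch_all_hit = [], False
    for idx, rule in enumerate(rules):
        if catch_all_hit:
            dead.append(idx)
        elif not rule["matches"] and rule["target"] in TERMINATING_TARGETS:
            catch_all_hit = True
    return dead


def shadowed_log_rules(tables):
    """Map 'table/CHAIN' -> indices of LOG rules that can never fire."""
    report = {}
    for table, chains in tables.items():
        for chain, rules in chains.items():
            dead_logs = [i for i in unreachable_rules(rules)
                         if rules[i]["target"] == "LOG"]
            if dead_logs:
                report[f"{table}/{chain}"] = dead_logs
    return report


def log_before_verdict(rules):
    """Move LOG rules stuck behind the first catch-all verdict in front of it.

    Other rules keep their relative order. Because LOG is non-terminating,
    the packet is logged and then still reaches the ACCEPT.
    """
    first = next((i for i, r in enumerate(rules)
                  if not r["matches"] and r["target"] in TERMINATING_TARGETS), None)
    if first is None:
        return list(rules)
    dead_logs = [r for r in rules[first + 1:] if r["target"] == "LOG"]
    rest = [r for r in rules[first:] if r["target"] != "LOG"]
    return rules[:first] + dead_logs + rest


def render(chain, rules):
    """Render rules back into iptables-save '-A' lines."""
    return [" ".join(["-A", chain] + r["matches"] + ["-j", r["target"]]) for r in rules]


if __name__ == "__main__":
    parsed = parse_iptables_save(SAMPLE_RULES_V4)
    for where, idxs in shadowed_log_rules(parsed).items():
        print(f"{where}: LOG rule(s) at index {idxs} can never match")
    print("\nReordered filter table:")
    for chain, rules in parsed["filter"].items():
        print("\n".join(render(chain, log_before_verdict(rules))))
```

Run it against a real ruleset with `iptables-save | python3 check_log_order.py` after swapping the embedded sample for `sys.stdin.read()`. The check is conservative: it only treats a rule as a catch-all when it has no match tokens at all, so a terminating rule with `-p tcp --dport 22` does not mark later rules dead even though it may shadow some of them.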