Logging iptables on Ubuntu 22.04

I used the following configuration on my server:

iptables -F
iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -A FORWARD -j ACCEPT
iptables -A INPUT -j LOG
iptables -A OUTPUT -j LOG
iptables -A FORWARD -j LOG

Afterwards I saved the configuration:

iptables-save > /etc/iptables/rules.v4

Now my /etc/iptables/rules.v4 looks like this:

# Generated by iptables-save v1.8.7 on Thu Nov 30 13:10:32 2023
*filter
:INPUT ACCEPT [347:25809]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [254:44644]
-A INPUT -j ACCEPT
-A INPUT -j LOG
-A FORWARD -j ACCEPT
-A FORWARD -j LOG
-A OUTPUT -j ACCEPT
-A OUTPUT -j LOG
COMMIT
# Completed on Thu Nov 30 13:10:32 2023
# Generated by iptables-save v1.8.7 on Thu Nov 30 13:10:32 2023
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
# Completed on Thu Nov 30 13:10:32 2023

I also successfully saved it with netfilter-persistent:

netfilter-persistent save

After saving I changed /etc/rsyslog.d/50-default.conf (added /var/log/iptables.log):

#      Default rules for rsyslog.
#
#                       For more information see rsyslog.conf(5) and /etc/rsyslog.conf

#
# First some standard log files.  Log by facility.
#
auth,authpriv.*                 /var/log/auth.log
*.*;auth,authpriv.none          -/var/log/syslog
#cron.*                         /var/log/cron.log
#daemon.*                       -/var/log/daemon.log
#kern.*                         -/var/log/kern.log
kern.*                          /var/log/iptables.log
#lpr.*                          -/var/log/lpr.log
mail.*                          -/var/log/mail.log
#user.*                         -/var/log/user.log
mail.err                        /var/log/mail.err
*.emerg                         :omusrmsg:*

Now I restarted all the services mentioned above:

systemctl restart iptables
systemctl restart netfilter-persistent
systemctl restart rsyslog

But iptables.log is still empty...

I don't understand why there are no packets in the LOG target:

iptables -L -v -n
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 1060 81351 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 4

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
  699 83429 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 4

Thanks for any reply.
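Added example (editor's addition, not part of the question above and not taken from any answer): in the filter table ACCEPT is a terminating target, so a packet that matches `-A INPUT -j ACCEPT` is accepted on the spot and never reaches the `-A INPUT -j LOG` rule appended after it; the `0 0` counters on the LOG rows in the `iptables -L -v -n` output above are consistent with that. The script below lints an iptables-save ruleset for LOG rules that sit behind an unconditional ACCEPT/DROP/REJECT in the same chain, and carries a second ruleset with LOG (which is non-terminating) placed first. Both embedded rulesets are constructed samples: `POSTED_RULES` mirrors the filter table from the question, and `FIXED_RULES` is an assumed corrected ordering with a hypothetical `--log-prefix` and an `-m limit` rate limit added. The function name `shadowed_log_rules` is the example's own.

```shell
#!/bin/sh
# Added example: find LOG rules that can never match because an earlier rule
# in the same chain accepts/drops every packet. Runs without root and without
# touching the live firewall.

# Constructed sample: filter table as posted (ACCEPT precedes LOG in each chain).
POSTED_RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -j ACCEPT
-A INPUT -j LOG
-A FORWARD -j ACCEPT
-A FORWARD -j LOG
-A OUTPUT -j ACCEPT
-A OUTPUT -j LOG
COMMIT'

# Constructed sample (assumed fix): LOG first, rate-limited, then ACCEPT.
# LOG is non-terminating, so the packet continues to the ACCEPT rule.
FIXED_RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m limit --limit 10/min --limit-burst 20 -j LOG --log-prefix "iptables-in: "
-A INPUT -j ACCEPT
-A FORWARD -m limit --limit 10/min --limit-burst 20 -j LOG --log-prefix "iptables-fwd: "
-A FORWARD -j ACCEPT
-A OUTPUT -m limit --limit 10/min --limit-burst 20 -j LOG --log-prefix "iptables-out: "
-A OUTPUT -j ACCEPT
COMMIT'

# shadowed_log_rules RULESET
# Prints one line per LOG rule that is unreachable because an earlier
# unconditional terminating rule ("-A CHAIN -j ACCEPT|DROP|REJECT" with no
# match options) exists in the same chain. Exit 0 if none, 1 if any found.
shadowed_log_rules() {
    printf '%s\n' "$1" | awk '
        $1 == "-A" {
            chain = $2
            # Exactly four fields and a terminating target: matches every packet.
            if (NF == 4 && $3 == "-j" && ($4 == "ACCEPT" || $4 == "DROP" || $4 == "REJECT")) {
                blocked[chain] = $0
                next
            }
            # Any later "-j LOG" in a chain that already has such a rule is dead.
            for (i = 3; i < NF; i++) {
                if ($i == "-j" && $(i + 1) == "LOG" && (chain in blocked)) {
                    printf "chain %s: \"%s\" is shadowed by \"%s\"\n", chain, $0, blocked[chain]
                    found = 1
                }
            }
        }
        END { if (found) exit 1; exit 0 }'
}

# Demo: lint both constructed rulesets.
for name in POSTED_RULES FIXED_RULES; do
    eval "rules=\$$name"
    if shadowed_log_rules "$rules"; then
        echo "$name: all LOG rules reachable"
    else
        echo "$name: unreachable LOG rules found (see lines above)"
    fi
done
```

To lint the running firewall instead of the samples, run `shadowed_log_rules "$(sudo iptables-save)"`; a non-zero exit means at least one LOG rule is unreachable. The rate limit in the assumed fix matters as soon as the LOG rule is reachable: logging every accepted packet on INPUT and OUTPUT would flood /var/log/iptables.log, and also /var/log/syslog, which the `*.*` line in the rsyslog config above still feeds with kern messages.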
