firewall - info popup?


ph34r
08-08-2006, 08:42 AM
Hi all... I've got a simple firewall script setup. It blocks everything except incoming ssh connections. This is on my desktop machine at work.

Is there any way to set it up so that when incoming connections are attempted either everything is logged somewhere (preferably in its own log file, not in messages, etc), or a separate app/script is called (so I can make a popup with kdialog or something...)?

The script in question:



#!/bin/bash
# flush rules
iptables -F
# allow localhost for all
iptables -A INPUT -i lo -j ACCEPT

#allow connections that are already there
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

#allow dhcp
iptables -A INPUT -p udp -m udp -s 0/0 --sport 67:68 -d 0/0 --dport 67:68 -i eth1 -j ACCEPT

#allow ssh in
iptables -A INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 22 -j ACCEPT

#allow dns
iptables -A INPUT -p udp -m udp -s 172.16.6.96 --sport 53 -d 0/0 -j ACCEPT
iptables -A INPUT -p udp -m udp -s 172.16.6.97 --sport 53 -d 0/0 -j ACCEPT

#drop everything else (rules are checked in order, so this has to come after the ACCEPT rules)
iptables -A INPUT -p tcp -m tcp --syn -j REJECT
iptables -A INPUT -p udp -m udp -j REJECT
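
One way to get what the post asks for, as an added example that is not part of the original post: LOG rules placed just before the REJECT rules, and a small watcher that turns each logged attempt into a kdialog popup. The `FW-IN: ` prefix, the log file path, the syslog.conf line and the sample log line are assumptions made for this example.

```bash
#!/bin/bash
# Added example, not from the original post. Assumed names: the "FW-IN: " prefix,
# the LOGFILE path, and kdialog being installed on the desktop.
PREFIX='FW-IN: '
# Assumption: syslog routes kernel debug messages here, e.g. a syslog.conf line
#   kern.=debug   /var/log/firewall.log
LOGFILE="${LOGFILE:-/var/log/firewall.log}"

# Constructed sample of what the LOG target writes (not captured from a real host).
SAMPLE='Aug  8 08:50:01 desk kernel: FW-IN: IN=eth1 OUT= MAC=00:11:22:33:44:55 SRC=172.16.6.40 DST=172.16.6.12 LEN=60 TTL=64 ID=1234 DF PROTO=TCP SPT=51514 DPT=80 SYN URGP=0'

# Call from the firewall script immediately before the REJECT rules, so only
# traffic that is about to be rejected gets logged. Rate-limited against floods.
install_log_rules() {
    iptables -A INPUT -p tcp -m tcp --syn -m limit --limit 6/minute \
        -j LOG --log-level debug --log-prefix "$PREFIX"
    iptables -A INPUT -p udp -m udp -m limit --limit 6/minute \
        -j LOG --log-level debug --log-prefix "$PREFIX"
}

# Print the value of one KEY=value field from a log line.
field() { printf '%s\n' "$2" | sed -n "s/.* $1=\([^ ]*\).*/\1/p"; }

# Turn one log line into a short message; fail on lines without our prefix.
parse_attempt() {
    case $1 in *"$PREFIX"*) ;; *) return 1 ;; esac
    printf '%s from %s to port %s on %s\n' \
        "$(field PROTO "$1")" "$(field SRC "$1")" "$(field DPT "$1")" "$(field IN "$1")"
}

# Follow the log and raise a 5-second KDE popup per logged attempt.
watch_log() {
    tail -F -n 0 "$LOGFILE" | while IFS= read -r line; do
        msg=$(parse_attempt "$line") || continue
        kdialog --passivepopup "Blocked connection: $msg" 5
    done
}

case "${1:-}" in
    watch) watch_log ;;
    demo)  parse_attempt "$SAMPLE" ;;
esac
```

Run it with `watch` from the desktop session so kdialog can reach the display; `demo` prints the message built from the constructed sample line.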