ipchains logging
hardigunawan
10-10-2000, 07:46 AM
I've specified my ipchains as:
ipchains -A input -s 0/0 -d <my-ip>/32 -i eth0 -l -j ACCEPT
ipchains -A output -s <my-ip>/32 -s 0/0 -i eth0 -l -j ACCEPT
Why is it that there is no logging happening in my /var/log/messages when I access an external web server?
I've already checked in /etc/syslog.conf that kernel.info is set to be logged in /var/log/messages.
Thanks
njcajun
10-12-2000, 12:40 AM
It's been a while since I set up my firewall script, but as far as I remember, those lines in your script don't indicate that the activities should be logged, so they won't be.
------------------
...meanwhile, I remain...
...The RedHatted Stepchild...
hardigunawan
10-12-2000, 07:39 AM
But I have put -l for logging, haven't I? Is it because I accept the packet that it will not be logged?
scottt
10-12-2000, 12:02 PM
I believe logging only occurs when the rule isn't met. Or on errors.
iDxMan
10-12-2000, 07:38 PM
It should log anything, as long as the rule is met (or not met, depending on how things are set up). I.e., I log all packets of a certain port which I only allow for certain IPs. The rest are denied. So both the denied and accepted packets are logged.
Try something like this:
ipchains -A output -i eth0 -p tcp --destination-port 80 -j ACCEPT -l
Have fun watching /var/log fill up. :)
-r
[This message has been edited by iDxMan (edited 12 October 2000).]
Craig McPherson
10-14-2000, 06:25 AM
Remember... FIRST MATCHING
All of your INPUT rules form a CHAIN, in the order that they were created. The same with your OUTPUT rules. When a packet is judged by the firewall, it checks it against each rule of the chain, in sequence, until either it matches one of the rules, or reaches the end of the chains.
If it matches one of the rules, an action is taken on the packet specified by the -j flag in the rule, and it's not checked against any other rules in the chain. (If it reaches the end of the chain without matching any rules, an action is taken on it equal to the default policy on the chain.)
That's your problem.
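
Added example, not part of any post in this thread: a small Python model of the first-match evaluation described in the last post, plus a check that flags `-l` rules which can never fire because an earlier rule already matches everything they match. The chain contents, the address 192.0.2.10 standing in for `<my-ip>`, and all function names are constructed for illustration; the asker's full rule set is not shown in the thread.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    target: str                   # -j value: ACCEPT, DENY, ...
    src: str = "0.0.0.0/0"        # -s
    dst: str = "0.0.0.0/0"        # -d
    proto: Optional[str] = None   # -p
    dport: Optional[int] = None   # --destination-port
    log: bool = False             # -l

    def matches(self, pkt):
        return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
                and self.proto in (None, pkt["proto"])
                and self.dport in (None, pkt["dport"]))

def evaluate(chain, policy, pkt):
    """Walk the chain in order; the first matching rule decides and ends the walk."""
    for i, rule in enumerate(chain):
        if rule.matches(pkt):
            return rule.target, rule.log, i
    return policy, False, None    # chain policy applies; no rule, so no -l

def covers(a, b):
    """True if every packet that matches rule b also matches rule a."""
    return (ipaddress.ip_network(b.src).subnet_of(ipaddress.ip_network(a.src))
            and ipaddress.ip_network(b.dst).subnet_of(ipaddress.ip_network(a.dst))
            and a.proto in (None, b.proto)
            and a.dport in (None, b.dport))

def shadowed_log_rules(chain):
    """Return (log_rule_index, shadowing_rule_index) for -l rules that cannot be reached."""
    found = []
    for j, later in enumerate(chain):
        if later.log:
            for i in range(j):
                if covers(chain[i], later):
                    found.append((j, i))
                    break
    return found

# Constructed output chain: a broad ACCEPT without -l sits ahead of the logging rule.
CHAIN = [Rule("ACCEPT"), Rule("ACCEPT", src="192.0.2.10/32", log=True)]
PKT = {"src": "192.0.2.10", "dst": "198.51.100.7", "proto": "tcp", "dport": 80}

if __name__ == "__main__":
    print(evaluate(CHAIN, "DENY", PKT))                   # rule 0 wins, nothing logged
    print(shadowed_log_rules(CHAIN))                      # the -l rule is unreachable
    print(evaluate(list(reversed(CHAIN)), "DENY", PKT))   # -l rule first: logged
```
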