Results 1 to 2 of 2

Thread: Iptables logging in Ubuntu 20.04

  1. #1
    Join Date
    Oct 2022
    Beans
    1

    Iptables logging in Ubuntu 20.04

    I have set up Cowrie (2222) and SSH (2233) on a Ubuntu server. To block all traffic except Cowrie and SSH, I have run the following commands:


    iptables -A INPUT -p tcp --dport 2222 -j ACCEPT
    iptables -A INPUT -p tcp --dport 2233 -j ACCEPT
    iptables -P INPUT DROP


    I now need to log all SSH, Honeypot and Cowrie traffic with the following prefix


    "SSH_Traffic, Honeypot_Traffic, Blocked_Traffic".


    I believe I need to do something like this:

    iptables -A INPUT -j LOG
    iptables -A INPUT -j LOG --log-prefix "Blocked_Traffic" --log=level 4


    But, I am struggling with resources for iptables logging and would appreciate if someone could help?

  2. #2
    Join Date
    Feb 2011
    Location
    Coquitlam, B.C. Canada
    Beans
    3,587
    Distro
    Ubuntu Development Release

    Re: Iptables logging in Ubuntu 20.04

    Any follow-up information on your issue would be appreciated. Please have the courtesy to report back.

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •