# ========================================================================= # $Id: log.conf 41 2005-10-30 23:39:47Z s0undt3ch $ # ========================================================================= # Please read the README for more info. # # Many systems use /var/log/syslog for logging # # Logging facility to use. Default is syslog, as you # must have ulog support in your kernel, and your # userspace iptables, as well as have ulogd properly # configured and running to use ulog. LOG_FACILITY=syslog #LOG_FACILITY=ulog # This will make a log of all new connections established # on the external device LOG_EST_EXT=0 # This will log all new connections established on your # internal device(s) LOG_EST_INT=0 # Log packets that aren't caught by any specific rules LOG_CATCH_ALL=1 # Log port scans LOG_PORT_SCANS=1 # How many syslog entries per second (or minute) per rule? LOG_FLOOD="3/s" #LOG_FLOOD="1/m" # Log dropped icmp echo request packets beyond what you have # specified in PING_FLOOD LOG_PING=1 # Log packets potentially related to a Denial of Service attack LOG_DOS=1 # Log invalid packets LOG_INVALID=1 # Log fragmented packets LOG_FRAGMENTS=1 # Drop packets on these tcp ports without logging DONT_LOG_TCP="137 6666" # Drop packets on these udp ports without logging DONT_LOG_UDP="1434"