bobfandango
Occasional Visitor
I'm trying to log all web page access using iptables.
I placed the following in /jffs/scripts/firewall-start and rebooted...
Code:
#!/bin/sh
iptables -I OUTPUT -o eth+ -p tcp --dport 80 -m state --state NEW -j LOG --log-level 7 --log-prefix "FIREWALL: "
touch /tmp/firewallstarted
After reboot and browsing to a few websites, there is one and only one entry in syslog.log (excerpted below) from this iptables entry.
Code:
Dec 31 16:00:24 kernel: FIREWALL: <7>FIREWALL: IN= OUT=eth0 <1>SRC=192.168.1.2 DST=103.10.4.108 <1>LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=59613 DF PROTO=TCP <1>SPT=38716 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Dec 31 16:00:25 ddns update: connected to ns1.asuscomm.com (103.10.4.108) on port 80.
The router is connecting to ns1.asuscomm.com during boot, and the rule fires and is logged, but no other events are ever logged.
iptables -L shows that the entry is still there (OUTPUT chain shown below), so I assume logging is getting fubar somehow.
Code:
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
LOG tcp -- anywhere anywhere tcp dpt:www state NEW LOG level debug prefix `FIREWALL: '
Ideas anyone? Thanks in advance!
P.S. I'm running 3.0.0.4_374.32 on an AC66U
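An added example, not part of the original post: a small Python parser for the kernel LOG format shown above. It strips the stray `<7>`/`<1>` markers and uses the IN=/OUT= fields to tell packets the router generated itself from packets it forwarded. The second FIREWALL sample line, its addresses and the `br0` interface name are constructed for comparison.

```python
import re

PRINTK_MARK = re.compile(r"<\d>")        # stray kernel log-level markers such as <7>, <1>
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")  # KEY=value pairs; the value may be empty (IN=)

# Constructed sample input. Line 1 is the entry quoted in the post, line 2 is the
# ddns line (no LOG prefix), line 3 is a made-up forwarded LAN-client packet of
# the kind a LOG rule in the FORWARD chain would emit (assumed addresses, br0).
SAMPLE = [
    "Dec 31 16:00:24 kernel: FIREWALL: <7>FIREWALL: IN= OUT=eth0 <1>SRC=192.168.1.2 "
    "DST=103.10.4.108 <1>LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=59613 DF PROTO=TCP "
    "<1>SPT=38716 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0",
    "Dec 31 16:00:25 ddns update: connected to ns1.asuscomm.com (103.10.4.108) on port 80.",
    "Dec 31 16:05:02 kernel: FIREWALL: IN=br0 OUT=eth0 SRC=192.168.50.20 "
    "DST=203.0.113.10 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4242 DF PROTO=TCP "
    "SPT=51000 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0",
]

def parse_log_line(line):
    """Return the KEY=value fields of one netfilter LOG line as a dict."""
    return dict(FIELD.findall(PRINTK_MARK.sub("", line)))

def packet_path(fields):
    """Classify a packet by which interface fields the LOG target filled in."""
    has_in, has_out = bool(fields.get("IN")), bool(fields.get("OUT"))
    if has_in and has_out:
        return "forwarded"   # entered one interface, left another (FORWARD chain)
    if has_out:
        return "local-out"   # generated by the router itself (OUTPUT chain)
    if has_in:
        return "local-in"    # addressed to the router itself (INPUT chain)
    return "unknown"

def summarize(lines, prefix="FIREWALL: "):
    """Return (path, SRC, DST, DPT) for every line carrying the LOG prefix."""
    rows = []
    for line in lines:
        if prefix not in line:
            continue         # skip syslog lines from other sources
        f = parse_log_line(line)
        rows.append((packet_path(f), f.get("SRC"), f.get("DST"), f.get("DPT")))
    return rows

if __name__ == "__main__":
    for row in summarize(SAMPLE):
        print(row)
```
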