If you are unfortuante enough to be working with Ubuntu you might have come accross UFW - a wrapper for IPTables that aims to 'simplify' management of the firewall.
To enable logging in UFW you should firstly ensure its not already turned on with:
sudo ufw status verbose | grep logging
and if not enabled issue:
sudo ufw logging on
We can also adjust the logging level with:
ufw logging [low] | [medium] | [full]
Low: Provides information on all dropped packets and packets that are setup to be logged.
Medium: Matches all low level events plus all Invalid packets and any new connections.
High: Matches all medium level events plus all packets with the exception of rate limiting.
Full: Logs everything.
The logs are typically located within:
/var/log/ufw
e.g. tail -f /var/log/ufw/ufw.log
No comments:
Post a Comment