On Sat, 19 Jul 2003 12:07:36 -0600, Rodolfo J. Paiz <rpaiz@simpaticus.com>
wrote:
> Tom,
>
> It occurred to me recently that Portsentry reports all the blocks as
> being a probe on 49999, which is only logical as that''s where it
sees
> them. But shorewall, since it accepted the traffic for REDIRECT, does not
> log any message (again logical). The issue then is that I do not know on
> which of the hostile ports the probes took place, and I would like to
> know that information.
>
> I have not been able to figure out how to log those packets which are
> accepted by one of my REDIRECT rules; could you perhaps point me to the
> right documentation?
REDIRECT:<log level>
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net