Re: [fwAnalog] fwanalog sample report

From: Balázs Bárány (
Date: Mon Aug 19 2002 - 23:58:50 CEST


You have to change your block rules so that they log the log prefix.

Don't use spaces in your log prefixes except at the end, like in my examples below.

iptables -A badhosts $log_limit -j LOG --log-prefix 'badhost '

iptables -A spoofed -i $iface_inet -s $address -j LOG --log-prefix 'spoofed_src_in '

iptables -A nmap -p tcp --tcp-flags SYN,RST SYN,RST $log_limit -j LOG --log-prefix 'nmap_syn/rst_scan '

iptables -A INPUT -i $iface_inet $log_limit -j LOG --log-prefix 'unspecified_in '


