iptables problem on a Linux vServer

Post by raupy

Hello,

my iptables somehow doesn't want to log. Here is my /etc/iptables.rules:

Code:

# Generated by iptables-save v1.4.4 on Sat Aug 27 14:45:28 2011
*mangle
:PREROUTING ACCEPT [192212:213844944]
:INPUT ACCEPT [192212:213844944]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [88064:10264475]
:POSTROUTING ACCEPT [88064:10264475]
COMMIT
# Completed on Sat Aug 27 14:45:28 2011
# Generated by iptables-save v1.4.4 on Sat Aug 27 14:45:28 2011
*filter
:INPUT ACCEPT [1329:109366]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [88064:10264475]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT 
-A INPUT -p tcp -m tcp --dport 4949 -j ACCEPT 
-A INPUT -p tcp -m tcp --dport 25565 -j ACCEPT 
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " 
-A INPUT -j DROP 
COMMIT
# Completed on Sat Aug 27 14:45:28 2011
# Generated by iptables-save v1.4.4 on Sat Aug 27 14:45:28 2011
*nat
:PREROUTING ACCEPT [2090:109206]
:POSTROUTING ACCEPT [1181:83233]
:OUTPUT ACCEPT [1181:83233]
COMMIT
# Completed on Sat Aug 27 14:45:28 2011

And here is my /etc/syslog.conf:

Code:

#  /etc/syslog.conf	Configuration file for syslogd.
#
#			For more information see syslog.conf(5)
#			manpage.

#
# First some standard logfiles.  Log by facility.
#
auth,authpriv.*		 -/var/log/auth.log
*.*;auth,authpriv.none		-/var/log/syslog
#cron.*			 -/var/log/cron.log
kern.*                        -/var/log/kern.log
daemon.*			-/var/log/daemon.log
lpr.*				-/var/log/lpr.log
mail.*				-/var/log/mail.log
user.*				-/var/log/user.log

#
# Logging for the mail system.  Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info			-/var/log/mail.info
mail.warning			-/var/log/mail.warn
mail.err		 -/var/log/mail.err

# Logging for INN news system
#
news.crit		 -/var/log/news/news.crit
news.err		 -/var/log/news/news.err
news.notice			-/var/log/news/news.notice

#
# Some `catch-all' logfiles.
#
*.=debug;\
	auth,authpriv.none;\
	news.none;mail.none	-/var/log/debug
*.=info;*.=notice;*.=warning;\
	auth,authpriv.none;\
	cron,daemon.none;\
	mail,news.none		-/var/log/messages

#
# Emergencies are sent to everybody logged in.
#
*.emerg				*

#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
#	news.=crit;news.=err;news.=notice;\
#	*.=debug;*.=info;\
#	*.=notice;*.=warning	/dev/tty8

# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,
# you must invoke `xconsole' with the `-file' option:
# 
#    $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
#      busy site..
#
daemon.*;mail.*;\
	news.err;\
	*.=debug;*.=info;\
	*.=notice;*.=warning	|/dev/xconsole

Actually, it should log to /var/log/syslog when a request arrives on a port other than the open ports, but nothing shows up there. It does appear in dmesg, though. Why? I am a total beginner and hope that someone can help me.

Kind regards
raupy

Edit:
I would also like to know how to set a maximum file size for log files. How is that done?
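
Added example, not part of raupy's post: the LOG target emits kernel messages (facility kern, priority warning unless --log-level is given), so this Python sketch resolves the selectors of the posted syslog.conf to show which files such a message is routed to. It assumes sysklogd-style selector semantics; the function names are hypothetical and the embedded configuration is an abridged copy of the one above.

```python
import re

PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Constructed sample: an abridged copy of the active rules in the posted syslog.conf.
SYSLOG_CONF = r"""
auth,authpriv.*		 -/var/log/auth.log
*.*;auth,authpriv.none		-/var/log/syslog
kern.*                        -/var/log/kern.log
*.=debug;\
	auth,authpriv.none;\
	news.none;mail.none	-/var/log/debug
*.=info;*.=notice;*.=warning;\
	auth,authpriv.none;\
	cron,daemon.none;\
	mail,news.none		-/var/log/messages
*.emerg				*
"""

def parse_rules(text):
    """Join backslash continuations, skip comments, yield (selector, action)."""
    for line in re.sub(r"\\\n\s*", "", text).splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            selector, action = line.split(None, 1)
            yield selector, action.strip()

def selector_matches(selector, facility, priority):
    """Apply the ';'-separated items left to right to a set of priorities."""
    mask = set()
    for item in selector.split(";"):
        facilities, _, prio = item.rpartition(".")
        if not {"*", facility} & set(facilities.split(",")):
            continue                      # item does not name this facility
        negate, prio = prio.startswith("!"), prio.lstrip("!")
        if prio == "none":
            negate, prio = True, "*"      # 'none' excludes the facility entirely
        if prio == "*":
            levels = set(PRIORITIES)
        elif prio.startswith("="):
            levels = {prio[1:]}           # exactly this priority
        else:                             # this priority and anything more severe
            levels = set(PRIORITIES[:PRIORITIES.index(prio) + 1])
        mask = mask - levels if negate else mask | levels
    return priority in mask

def destinations(conf, facility, priority):
    return [action.lstrip("-")  # a leading "-" only disables sync after each write
            for selector, action in parse_rules(conf)
            if selector_matches(selector, facility, priority)]
```

Calling `destinations(SYSLOG_CONF, "kern", "warning")` lists /var/log/syslog, /var/log/kern.log and /var/log/messages. If those files stay empty while dmesg shows the entries, the selectors are not what is discarding the messages.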