February 2020
Intermediate to advanced
666 pages
15h 45m
English
Here's another time-saver that you're sure to like. If you want to create log entries whenever packets get blocked, just use the --set-log-denied option. Before we do that, let's see if it's already enabled:
[donnie@localhost ~]$ sudo firewall-cmd --get-log-denied
[sudo] password for donnie:
off
[donnie@localhost ~]$
It's not, so let's turn it on and check the status again:
[donnie@localhost ~]$ sudo firewall-cmd --set-log-denied=all
success
[donnie@localhost ~]$ sudo firewall-cmd --get-log-denied
all
[donnie@localhost ~]$
We've set it up to log all denied packets. However, you might not always want that. Your other choices are as follows:
So, for example, if all you want is to log blocked ...