example of iptables logging

  • 1
  • Question
  • Updated 1 year ago
Does anyone have examples of making use of iptables logging on the cumulus OS?  I am trying to log denies in my rules but keep getting messages such as the following when I apply rules with target "Log":

error: line 28 : LOG rule must be followed by a rule with exact same match and target DROP
Photo of Jesse Martinez

Jesse Martinez

  • 70 Points

Posted 1 year ago

  • 1
Photo of Eric Pulvino

Eric Pulvino, Official Rep

  • 4,082 Points 4k badge 2x thumb
I've never tried to do it personally but I recall seeing this blurb in the Docs which seems to be related to what you're describing. ACL DOCS

Log Actions Cannot Be Forwarded
Logged packets cannot be forwarded. The hardware cannot both forward a packet and send the packet to the control plane (or kernel) for logging. To emphasize this, a log action must also have a drop action.