How to enable firewalld logging for denied packets on Linux

www.lau‮oc.irutt‬m
How to enable firewalld logging for denied packets on Linux

To enable logging for denied packets in firewalld on a Linux system, you can follow these steps:

  1. Open a terminal and use the sudo command to enter a command as the root user:
sudo -i
  1. Enable logging for the firewalld service:
  • Use the systemctl command to enable the firewalld service:
systemctl enable firewalld
  • Start the firewalld service:
systemctl start firewalld
  1. Configure firewalld to log denied packets:
  • Open the firewalld configuration file (/etc/firewalld/firewalld.conf) in a text editor:
nano /etc/firewalld/firewalld.conf

  • Find the line LogDenied and set its value to all. This will enable logging for all denied packets.

  • Save the file and exit the text editor.

  1. Restart the firewalld service to apply the changes:
systemctl restart firewalld

Now, firewalld will log all denied packets to the system log. You can view the logs by using the journalctl command or by accessing the log files in the /var/log/ directory.

For example, to view the firewalld logs in real-time, you can use the following command:

journalctl -u firewalld

Note: The steps may vary depending on your Linux distribution and the version of firewalld you are using. Consult the documentation for your specific system for more information.

Created Time:2017-10-28 21:39:03  Author:lautturi
How to enable automatic updates for RHEL/CentOS 8
How to exclude file when using scp command recursively