IPtables log only some drop connections

Question

I have these rules:

-A INPUT -m limit --limit 2/min -j LOG --log-prefix "IPTables Packet Dropped: " --log-level 7
-A INPUT -j DROP

But this logs every DROP that occurs like IPTables Packet Dropped: IN=eth0 OUT= MAC=XXXXXXXX SRC=192.168.100.11 DST=192.168.100.255.

I want to log only when DST is 192.168.100.19.

@MadHatter i tried what i have above (on question). – Christopher Nov 24 '15 at 15:08 — Christopher, Nov 24 '15 at 15:08

score 1 · Accepted Answer · answered Nov 24 '15 at 15:42

1

You need to insert a rule for the IP you want to log before the catch all rule you have.

iptables -A INPUT -d 192.168.100.19 -m limit --limit 2/min -j LOG --log-prefix "IPTables Packet Dropped: " --log-level 7

answered Nov 24 '15 at 15:42

Gmck

1 Answers1