]> git.ipfire.org Git - ipfire-2.x.git/blobdiff - src/initscripts/system/firewall
projects / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
firewall: Configure TRACE target to log to syslog
[ipfire-2.x.git] / src / initscripts / system / firewall
diff --git a/src/initscripts/system/firewall b/src/initscripts/system/firewall
index b0890c71731b8c90747227b6cacc540c5485289e..ab3a0bbf9c9a6151b89686c2308dac5b8be11944 100644 (file)
--- a/src/initscripts/system/firewall
+++ b/src/initscripts/system/firewall
@@ -32,6 +32,10 @@ iptables_init() {
        iptables -P FORWARD DROP
        iptables -P OUTPUT ACCEPT
 
+       # Enable TRACE logging to syslog
+       modprobe nf_log_ipv4
+       sysctl -q -w net.netfilter.nf_log.2=nf_log_ipv4
+
        # Empty LOG_DROP and LOG_REJECT chains
        iptables -N LOG_DROP
        iptables -A LOG_DROP   -m limit --limit 10/second -j LOG
IPFire 2.x development tree