Replace SOURCE_IP
with an actual CIDR range (0.0.0.0/0
for all)
sudo iptables -I INPUT -s SOURCE_IP -j LOG --log-prefix "SOME_LABEL_HERE-INPUT: "
sudo iptables -I FORWARD -s SOURCE_IP -j LOG --log-prefix "SOME_LABEL_HERE-FORWARD: "
sudo iptables -I OUTPUT -d SOURCE_IP -j LOG --log-prefix "SOME_LABEL_HERE-OUTPUT: "
sudo iptables -I INPUT -s 0.0.0.0/0 -p tcp --dport 80 -j LOG --log-prefix "SOME_LABEL_HERE-INPUT: "
sudo iptables -I FORWARD -s 0.0.0.0/0 -p tcp --dport 80 -j LOG --log-prefix "SOME_LABEL_HERE-FORWARD: "
sudo iptables -I OUTPUT -s 0.0.0.0/0 -p tcp --dport 80 -j LOG --log-prefix "SOME_LABEL_HERE-OUTPUT: "
grep "SOME_LABEL_HERE" /var/log/syslog
If you used the "Specific IP" method:
sudo iptables -D INPUT -s SOURCE_IP -j LOG --log-prefix "SOME_LABEL_HERE-INPUT: "
sudo iptables -D FORWARD -s SOURCE_IP -j LOG --log-prefix "SOME_LABEL_HERE-FORWARD: "
sudo iptables -D OUTPUT -d SOURCE_IP -j LOG --log-prefix "SOME_LABEL_HERE-OUTPUT: "
sudo iptables -D INPUT -s 0.0.0.0/0 -p tcp --dport 80 -j LOG --log-prefix "SOME_LABEL_HERE-INPUT: "
sudo iptables -D FORWARD -s 0.0.0.0/0 -p tcp --dport 80 -j LOG --log-prefix "SOME_LABEL_HERE-FORWARD: "
sudo iptables -D OUTPUT -d 0.0.0.0/0 -p tcp --dport 80 -j LOG --log-prefix "SOME_LABEL_HERE-OUTPUT: "