| Thomas Graf | c794874 | 2011-03-16 16:30:09 +0100 | [diff] [blame] | 1 | This target allows to create audit records for packets hitting the target. |
| 2 | It can be used to record accepted, dropped, and rejected packets. See | ||||
| 3 | auditd(8) for additional details. | ||||
| 4 | .TP | ||||
| 5 | \fB\-\-type\fP {\fBaccept\fP|\fBdrop\fP|\fBreject\fP} | ||||
| 6 | Set type of audit record. | ||||
| 7 | .PP | ||||
| 8 | Example: | ||||
| 9 | .IP | ||||
| 10 | iptables \-N AUDIT_DROP | ||||
| 11 | .IP | ||||
| 12 | iptables \-A AUDIT_DROP \-j AUDIT \-\-type drop | ||||
| 13 | .IP | ||||
| 14 | iptables \-A AUDIT_DROP \-j DROP | ||||