How to enable logging for iptables inside a docker container?

Recently, I created some Docker images to configure a container with OpenVPN support and iptables.

So far, everything is working fine, but since I have some problems with the firewall, I added some more iptables rules to register dropped packets in /var/log/messages. However, I realized that even if something is discarded, the log file cannot be found in /var/log.

So my question is this: how is the Alpine Linux log (system) handled and how can I specifically check the iptables log?

UPDATE

As Larks pointed out, default logging is disabled in the kernel to prevent DDOS attacks when loading logs.

To get it working, I installed ulogd and followed the instructions here.

+4
1 answer

The problem is not Alpine Linux. The problem is that you are trying to log from the iptables stack inside the Docker container, and as far as I know, the kernel does not process messages created by iptables LOG targets in namespaces other than the global one. LOG messages in namespaces are intentionally suppressed to prevent the container from executing a DoS attack on the host with a large volume of log messages. See this commit in the kernel, which explicitly disables LOG support in containers.

If you want to log from inside the container, use the NFLOG target together with ulogd.

+6
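The distinction the answer draws, as an added shell example that is not part of the original question or answer: the `LOG` rule that stays silent inside a container beside the `NFLOG` rule that hands packets to ulogd, a small audit that flags `LOG` rules in a saved ruleset, and a minimal ulogd.conf for the matching netlink group. The plugin paths, the chain name, the log prefix and the output file are assumptions (they follow the layout of the standard ulogd2 sample config; adjust them for your image).

```shell
#!/bin/sh
# Added example, not code from the original post. Assumes iptables and ulogd2
# are installed in the container and that ulogd's plugins live under
# /usr/lib/ulogd/ (an assumption; check your distribution's package).

# Rule that will NOT produce output inside a container: the kernel discards
# LOG target messages from non-global network namespaces.
log_rule_legacy() {
    chain="$1"
    printf '%s\n' "-A $chain -j LOG --log-prefix \"DROP: \" --log-level 4"
}

# Replacement rule: NFLOG sends the packet over netlink to the given group,
# where a ulogd running inside the container can pick it up.
log_rule_nflog() {
    chain="$1"; group="${2:-1}"
    printf '%s\n' "-A $chain -j NFLOG --nflog-group $group --nflog-prefix \"DROP: \""
}

# Audit a saved ruleset (output of `iptables -S`) read from stdin and print
# every rule that relies on the LOG target; inside a container these rules
# silently log nothing. Exits 0 even when nothing matches.
find_silent_log_rules() {
    grep -E -- '-j LOG( |$)' || true
}

# Minimal ulogd.conf for the NFLOG rule above: packets from the netlink group
# in, syslog-style text lines out to a file under /var/log.
ulogd_conf() {
    group="${1:-1}"
    cat <<EOF
[global]
logfile="/var/log/ulogd.log"
plugin="/usr/lib/ulogd/ulogd_inppkt_NFLOG.so"
plugin="/usr/lib/ulogd/ulogd_raw2packet_BASE.so"
plugin="/usr/lib/ulogd/ulogd_filter_IFINDEX.so"
plugin="/usr/lib/ulogd/ulogd_filter_IP2STR.so"
plugin="/usr/lib/ulogd/ulogd_filter_PRINTPKT.so"
plugin="/usr/lib/ulogd/ulogd_output_LOGEMU.so"
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU

[log1]
group=$group

[emu1]
file="/var/log/ulogd_syslogemu.log"
sync=1
EOF
}

# Apply the setup. Only call this explicitly, as root, inside the container:
# write the config, start ulogd as a daemon, then log-and-drop on the chain.
apply_nflog_logging() {
    chain="${1:-INPUT}"
    ulogd_conf 1 > /etc/ulogd.conf
    ulogd -d
    iptables -A "$chain" -j NFLOG --nflog-group 1 --nflog-prefix "DROP: "
    iptables -A "$chain" -j DROP
}
```

Run `iptables -S | find_silent_log_rules` in the container to list rules whose output you will never see there; `apply_nflog_logging INPUT` installs the working pair of rules and the logged lines then appear in `/var/log/ulogd_syslogemu.log` rather than in `/var/log/messages`.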

Source: https://habr.com/ru/post/1655425/
