[lxc-users] Logging from iptables to rsyslog inside container fails.

netritious at gmail.com
Mon Feb 20 08:12:41 UTC 2017


I'm guessing the problem is simply no userspace access to kern.log in an
unprivileged container?

Anyway, problem solved by installing ulog and targeting the NFLOG stack
in iptables.

lxc exec www /bin/bash
apt-get update
apt-get install ulogd2

In /etc/iptables.up.rules:

......
# Log dropped
-A INPUT -m limit --limit 5/second -j NFLOG --nflog-prefix "DROPPED "
# DROP
-A INPUT -j DROP
COMMIT
......

Logs are stored in /var/log/ulog/syslogemu.log

No other configuration was required on my part.

Passing along in case someone else needs it later.
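
Added example, not part of the original post: a small summarizer for the "DROPPED " entries in /var/log/ulog/syslogemu.log, tallying drops per source address and per protocol/destination port. The log line layout (kernel LOG-style KEY=value fields after the prefix) is an assumption, the sample lines are constructed, and the function names are hypothetical; because the rule logs at most 5 packets per second, the counts are lower bounds on what was actually dropped.

```python
import re
from collections import Counter

# Constructed sample in the kernel-LOG-style layout assumed for syslogemu.log;
# addresses, MACs and the "OTHER " prefix are made up for illustration.
_MAC = "MAC=00:16:3e:aa:bb:cc:00:16:3e:dd:ee:ff:08:00"
SAMPLE_LOG = f"""\
Feb 20 08:10:01 www DROPPED IN=eth0 OUT= {_MAC} SRC=198.51.100.7 DST=10.0.3.15 LEN=60 TTL=52 ID=4321 DF PROTO=TCP SPT=40112 DPT=23 SYN URGP=0 MARK=0
Feb 20 08:10:01 www DROPPED IN=eth0 OUT= {_MAC} SRC=198.51.100.7 DST=10.0.3.15 LEN=60 TTL=52 ID=4322 DF PROTO=TCP SPT=40113 DPT=22 SYN URGP=0 MARK=0
Feb 20 08:10:02 www DROPPED IN=eth0 OUT= {_MAC} SRC=203.0.113.9 DST=10.0.3.15 LEN=71 TTL=49 ID=77 PROTO=UDP SPT=5353 DPT=53 LEN=51 MARK=0
Feb 20 08:10:03 www DROPPED IN=eth0 OUT= {_MAC} SRC=203.0.113.9 DST=10.0.3.15 LEN=84 TTL=49 ID=78 PROTO=ICMP TYPE=8 CODE=0 ID=9 SEQ=1 MARK=0
Feb 20 08:10:04 www OTHER IN=eth0 OUT= {_MAC} SRC=192.0.2.44 DST=10.0.3.15 LEN=60 TTL=60 ID=5 PROTO=TCP SPT=1025 DPT=80 SYN URGP=0 MARK=0
"""

# KEY=value pairs; bare flags such as DF or SYN carry no "=" and are ignored.
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_line(line, prefix="DROPPED "):
    """Return the KEY=value fields after the NFLOG prefix, or None if absent."""
    idx = line.find(prefix)
    if idx == -1:
        return None
    return dict(FIELD_RE.findall(line[idx + len(prefix):]))


def summarize(text, prefix="DROPPED "):
    """Count logged drops per source and per (protocol, destination port)."""
    by_src, by_service, skipped = Counter(), Counter(), 0
    for line in text.splitlines():
        fields = parse_line(line, prefix)
        if fields is None or "SRC" not in fields:
            skipped += 1  # other rule's prefix, or a truncated line
            continue
        by_src[fields["SRC"]] += 1
        # ICMP has no destination port; record "-" instead.
        by_service[(fields.get("PROTO", "?"), fields.get("DPT", "-"))] += 1
    return by_src, by_service, skipped


if __name__ == "__main__":
    srcs, services, skipped = summarize(SAMPLE_LOG)
    for src, n in srcs.most_common():
        print(f"{n:5d}  {src}")
    for (proto, dpt), n in services.most_common():
        print(f"{n:5d}  {proto}/{dpt}")
    print(f"skipped {skipped} line(s) without the prefix or SRC field")
```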



