Tags: linux, linux-kernel, firewall, iptables

How can I log outgoing TCP to an IP but not HTTP (port 80) with iptables?


I'm new to iptables and Linux firewalls in general. Can somebody help me with it? I want to write a table using iptables that will log outgoing TCP connections to a specific IP address, except those that go through port 80 (HTTP).

Here is what I have so far:

    # user-defined chain that OUTPUT hands every packet to
    iptables -N LOGGING
    iptables -A OUTPUT -j LOGGING
    # DROP discards port-80 packets entirely; it does not just skip them for logging
    iptables -A LOGGING -p tcp -m tcp --dport 80 -j DROP
    # log TCP packets whose destination is the chosen address
    iptables -A LOGGING -p tcp -m tcp -d 149.20.4.69 -j LOG --log-prefix "My logging: " --log-level 4

Here is my previous try. This should log all outgoing connections to the chosen IP, but I don't know how to filter out port 80 (HTTP).

    # -d matches the destination address; an outgoing connection to 149.20.4.69 has it as DST, not SRC
    iptables -A OUTPUT -p tcp -d 149.20.4.69 -j LOG --log-prefix 'OUTPUT TCP: ' --log-level 4


Solution

  • You could just use a not condition to exclude port 80

    # Log TCP traffic to x.x.x.x for all destination ports except 80
    iptables -A OUTPUT -p tcp -d x.x.x.x ! --dport 80 -j LOG
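The following script is an added example, not code from the question or the answer. It generates the rule set the answer describes (a LOGGING chain fed from OUTPUT, with the port-80 exclusion done by the negated `! --dport 80` match instead of the `-j DROP` in the question, which would block HTTP rather than just leave it unlogged) and then audits a constructed sample of kernel LOG output for `DPT=80` entries, which a correct rule set never produces. Assumptions: the target address defaults to the 149.20.4.69 from the question and can be overridden with `TARGET_IP`; `--syn` is added so that one line is logged per connection attempt rather than per packet; the sample log lines are constructed to match the LOG target's `SRC=... DST=... PROTO=TCP SPT=... DPT=...` format.

```shell
#!/bin/sh
# Added example (not from the original question or answer). Prints the
# iptables rules that log outgoing TCP to one address except port 80, and
# audits kernel LOG output for port-80 entries. Nothing here changes the
# firewall unless the printed rules are piped to a root shell.

TARGET_IP="${TARGET_IP:-149.20.4.69}"   # address used in the question
LOG_PREFIX="My logging: "               # prefix used in the question

# Emit the rule set. --syn limits logging to the first packet of each
# connection (assumption: the asker wants one line per connection).
# RETURN at the end sends unlogged packets back to OUTPUT instead of
# dropping them.
log_rules() {
    cat <<EOF
iptables -N LOGGING
iptables -A OUTPUT -p tcp -d ${TARGET_IP} -j LOGGING
iptables -A LOGGING -p tcp --syn ! --dport 80 -j LOG --log-prefix "${LOG_PREFIX}" --log-level 4
iptables -A LOGGING -j RETURN
EOF
}

# Constructed sample of LOG target output, as seen in `journalctl -k` or
# /var/log/kern.log. The last line has DPT=80 and would only appear if the
# exclusion were missing.
sample_log() {
    cat <<'EOF'
Mar  3 10:01:02 host kernel: My logging: IN= OUT=eth0 SRC=192.168.1.10 DST=149.20.4.69 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1 DF PROTO=TCP SPT=40001 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
Mar  3 10:01:03 host kernel: My logging: IN= OUT=eth0 SRC=192.168.1.10 DST=149.20.4.69 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=2 DF PROTO=TCP SPT=40002 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
Mar  3 10:01:04 host kernel: My logging: IN= OUT=eth0 SRC=192.168.1.10 DST=149.20.4.69 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=3 DF PROTO=TCP SPT=40003 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0
Mar  3 10:01:05 host kernel: My logging: IN= OUT=eth0 SRC=192.168.1.10 DST=149.20.4.69 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4 DF PROTO=TCP SPT=40004 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
EOF
}

# Count logged connection attempts per destination port.
# stdin: kernel log lines; stdout: "<count> <port>", most frequent first.
count_by_dport() {
    grep -F "$LOG_PREFIX" | sed -n 's/.*DPT=\([0-9]*\).*/\1/p' | sort | uniq -c | sort -rn
}

# Number of logged port-80 entries; a non-zero result means the
# "! --dport 80" exclusion is not in effect. stdin: kernel log lines.
port80_entries() {
    grep -F "$LOG_PREFIX" | grep -c 'DPT=80 ' || true
}

case "${1:-}" in
    rules) log_rules ;;        # sh log_audit.sh rules | sudo sh
    audit) count_by_dport ;;   # journalctl -k | sh log_audit.sh audit
    check) port80_entries ;;   # journalctl -k | sh log_audit.sh check
esac
```

Run `sh log_audit.sh rules` to review the rules before applying them, then `journalctl -k | sh log_audit.sh check` after some traffic; any count other than 0 means HTTP connections are still being logged. `audit` gives a per-port breakdown of what the LOG target recorded.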