Basically, we’ll create a new chain, add a rule that sends packets to that chain, and then add a logging rule so that any packet that ends up in the chain gets logged.
We’ll need to know where to put the filter for the redirection:
$ sudo iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
[snip]
10   DROP       all  --  anywhere             anywhere
In this example, use line 9 in the second command below.
Create the rules:
$ sudo iptables --new-chain LOGGING
$ sudo iptables -I INPUT 9 -j LOGGING
$ sudo iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables-Dropped: " --log-level 4
$ sudo iptables -A LOGGING -j DROP
Basically: create the new chain, then redirect packets to it. Add a log rule to the LOGGING chain, then drop the packets to be sure.
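The LOG rule above tags each kernel log line with the prefix "IPTables-Dropped: ". As an added example (not part of the original post), this script counts the logged drops per source address, protocol and destination port. The sample log lines are constructed, and the log locations named in the comments are assumptions that vary by distribution.

```shell
#!/bin/sh
# Added example: summarise packets logged by the LOG rule in the LOGGING chain.
PREFIX='IPTables-Dropped: '   # must match the --log-prefix value exactly

# Constructed sample kernel log lines (documentation addresses, not real traffic).
sample_log() {
cat <<'EOF'
Jan 12 10:15:01 fw kernel: [1001.10] IPTables-Dropped: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=54321 DF PROTO=TCP SPT=44321 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
Jan 12 10:15:31 fw kernel: [1031.42] IPTables-Dropped: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=54322 DF PROTO=TCP SPT=44322 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
Jan 12 10:16:02 fw kernel: [1062.05] IPTables-Dropped: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:03:08:00 SRC=198.51.100.23 DST=192.0.2.10 LEN=68 TOS=0x00 PREC=0x00 TTL=49 ID=1001 PROTO=UDP SPT=40000 DPT=161 LEN=48
Jan 12 10:16:40 fw kernel: [1100.77] IPTables-Dropped: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:04:08:00 SRC=198.51.100.4 DST=192.0.2.10 LEN=84 TOS=0x00 PREC=0x00 TTL=55 ID=777 PROTO=ICMP TYPE=8 CODE=0 ID=4242 SEQ=1
Jan 12 10:16:41 fw sshd[812]: Connection closed by 203.0.113.7 port 44321
EOF
}

# summarize_drops: read log lines on stdin, print "count src proto dpt",
# most frequent first. Protocols without ports (e.g. ICMP) show "-" as dpt.
summarize_drops() {
  awk -v prefix="$PREFIX" '
    index($0, prefix) == 0 { next }            # not written by our LOG rule
    {
      src = proto = ""; dpt = "-"
      rest = substr($0, index($0, prefix) + length(prefix))
      n = split(rest, f, " ")
      for (i = 1; i <= n; i++) {
        if (f[i] ~ /^SRC=/)   src   = substr(f[i], 5)
        if (f[i] ~ /^PROTO=/) proto = substr(f[i], 7)
        if (f[i] ~ /^DPT=/)   dpt   = substr(f[i], 5)
      }
      if (src != "") count[src " " proto " " dpt]++
    }
    END { for (k in count) print count[k], k }
  ' | LC_ALL=C sort -k1,1nr -k2
}

# Real use (assumed locations, distro-dependent):
#   summarize_drops < /var/log/kern.log
#   journalctl -k | summarize_drops
sample_log | summarize_drops
```

Because of --limit 2/min, the log holds only a sample of the dropped packets, so these counts are lower bounds rather than totals.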
Reverting/Disabling the changes
To undo it, check the line number of the redirect rule (it may have moved if you have made other changes):
$ sudo iptables -L --line-numbers | egrep "(Chain|LOGG)"
Chain INPUT (policy ACCEPT)
9    LOGGING    all  --  anywhere             anywhere
Remove the rule:
$ sudo iptables -D INPUT 9
Delete any rules in the LOGGING chain:
$ sudo iptables -D LOGGING 2
$ sudo iptables -D LOGGING 1
Delete the chain:
$ sudo iptables --delete-chain LOGGING
Relevant links (where I got the main part of the info from):