[tlug] iptables: can't get logging to work

[Jean-Christian Imbeault <jc@example.com>]

I've written my first set of iptable rules but they're still buggy =) I 
keep locking myself out. So I'm trying to enable logging to see why I 
can't SSH to my box but I can't seem to get logging to work.

I have set the default policy to DROP and added only ACCEPT rules, so 
nothing gets DROPPED or REJECTED before making to the last (logging) 
rule. The last rule should LOG anything that didn't match ... but I 
can't find any iptables entries in /var/log/messages ...

My rules are:

IPT="/usr/local/sbin/iptables"
IP="x.x.x.x"
JC="x.x.x.x"

for i in filter
do
   $IPT -t $i -F
   $IPT -t $i -X
done

$IPT --policy INPUT   DROP
$IPT --policy OUTPUT  DROP
$IPT --policy FORWARD DROP

$IPT -A INPUT  -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT
$IPT -A INPUT -p icmp -j ACCEPT
$IPT -A OUTPUT -m state --state ESTABLISHED,RELATED    -j ACCEPT
$IPT -A INPUT -p TCP -s 0/0 -i eth0 -d $IP --dport 80  -j ACCEPT
$IPT -A INPUT -p TCP -s 0/0 -i eth0 -d $IP --dport 443 -j ACCEPT
$IPT -A INPUT -p TCP -s $JC -i eth0 -d $IP --dport 22  -j ACCEPT
$IPT -A INPUT -p tcp --dport 25 --syn -m limit --limit 1/s --limit-burst 
10 -j ACCEPT
$IPT -A INPUT -p tcp --dport 25 -j ACCEPT
$IPT -A INPUT -p tcp --dport 53 -j ACCEPT
$IPT -A INPUT -p udp --dport 53 -j ACCEPT
$IPT -A INPUT -p tcp --syn -m limit --limit 5/minute -j LOG --log-level 
info --log-prefix "Firewalled packet:"

My /etc/syslog.conf has this entry to send all info messages to 
/var/log/messages:

*.info;mail.none;authpriv.none;cron.none                /var/log/messages

Yet even when I telnet to my machine I don't see any iptables related 
messages ...

What did I miss to get logging enabled? (and if anyone can spot why I 
can't SSH to my box from my PC (JC) please let me know ;)

Thanks,

Jc