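#!/usr/bin/env bash
#
# Log every packet the firewall drops to its own file.
#
# Each rule-level `-j DROP` in the current (IPv4) ruleset is redirected to a
# DROP_AND_LOG chain that emits a rate-limited kernel LOG line and then drops;
# rsyslog is told to write those lines to /var/log/iptables.log.
#
# Usage:  sudo ./iptables-drop-log.sh [-y] [-t SECONDS]
#   -y  apply without the interactive confirmation (required when stdin is
#       not a terminal)
#   -t  seconds to wait for the confirmation before rolling back (default 300)
#
# Safety net: the pre-change ruleset is saved first and restored automatically
# if the script fails, if the confirmation prompt times out, or if the session
# that started it goes away (the usual symptom of having firewalled yourself
# out). The original recipe used an hourly `iptables -F` cron job for this;
# a flush is the wrong recovery — with a DROP policy it leaves you just as
# locked out, with an ACCEPT policy it leaves the host unfiltered.
#
# Not covered: packets dropped by a chain *policy* (`:INPUT DROP`) rather than
# by an explicit `-j DROP` rule, and ip6tables. To log policy drops, append
# `-A INPUT -j DROP_AND_LOG` as the last rule of that chain.
set -euo pipefail
umask 077   # saved rulesets describe the network layout; keep them private

readonly CHAIN=DROP_AND_LOG
readonly LOG_PREFIX='[IPTABLES-DROP]: '
readonly RSYSLOG_CONF=/etc/rsyslog.d/custom_iptables.conf
readonly LOG_FILE=/var/log/iptables.log

die() { printf 'error: %s\n' "$*" >&2; exit 1; }
usage() { printf 'Usage: %s [-y] [-t SECONDS]\n' "${0##*/}" >&2; exit 2; }

assume_yes=0
timeout=300
while getopts ':yt:h' opt; do
  case "$opt" in
    y) assume_yes=1 ;;
    t) timeout=$OPTARG ;;
    h) usage ;;
    :) die "option -$OPTARG requires an argument" ;;
    \?) die "unknown option -$OPTARG" ;;
  esac
done
[[ "$timeout" =~ ^[0-9]+$ ]] || die "-t expects a number of seconds"

# Preconditions. Running the whole script as root (instead of per-command
# sudo) also makes the `> file` redirections below run with root privileges.
(( EUID == 0 )) || die "must run as root (iptables, $RSYSLOG_CONF)"
for tool in iptables iptables-save iptables-restore; do
  command -v "$tool" >/dev/null || die "$tool not found"
done
[[ -d "${RSYSLOG_CONF%/*}" ]] || die "${RSYSLOG_CONF%/*} missing: is rsyslog installed?"
if (( ! assume_yes )) && [[ ! -t 0 ]]; then
  die "stdin is not a terminal; re-run with -y to skip the confirmation prompt"
fi

WORK=$(mktemp -d -t iptables-droplog.XXXXXX) || die "mktemp failed"
readonly BACKUP="$WORK/backup.save"
iptables-save > "$BACKUP"

confirmed=0
restore_original() {
  # EXIT handler: anything short of an explicit confirmation puts the saved
  # ruleset back. iptables-restore replaces each table atomically, so the
  # rollback itself opens no unfiltered window.
  local rc=$?
  if (( confirmed )); then
    return 0
  fi
  if [[ -s "$BACKUP" ]]; then
    if iptables-restore < "$BACKUP"; then
      printf 'rolled back to the saved ruleset (exit status %d)\n' "$rc" >&2
    else
      printf 'ROLLBACK FAILED; saved ruleset is at %s\n' "$BACKUP" >&2
    fi
  fi
}
trap restore_original EXIT
# Outlive the SSH session that started us: a dropped session must end in the
# rollback above, not in a SIGHUP that skips it.
trap '' HUP

# The logging chain. Only built when absent so a re-run neither fails on `-N`
# nor appends duplicate rules, and never leaves the chain momentarily empty
# (an empty user chain returns to the caller, i.e. stops dropping).
if ! iptables -nL "$CHAIN" >/dev/null 2>&1; then
  iptables -N "$CHAIN"
  # `-m limit` throttles the LOG rule only (1/min, default burst 5); packets
  # over that budget fall through to the DROP below unlogged.
  iptables -A "$CHAIN" -m limit --limit 1/min -j LOG --log-prefix "$LOG_PREFIX"
  iptables -A "$CHAIN" -j DROP
fi

rewrite_drop_targets() {
  # stdin: an iptables-save dump; stdout: the same dump with every rule-level
  # `-j DROP` retargeted to $CHAIN — except inside $CHAIN itself, whose final
  # DROP must stay real. (The original recipe needed a manual vim fix-up for
  # that one line, which its global sed turned into a chain jumping to
  # itself.) The `$` anchor keeps an already-rewritten `-j DROP_AND_LOG`
  # intact on re-runs and leaves policy lines (`:INPUT DROP [0:0]`) alone.
  sed -e "/^-A ${CHAIN} /!s/ -j DROP\$/ -j ${CHAIN}/"
}
iptables-save | rewrite_drop_targets > "$WORK/replaced.save"

# Route the kernel LOG lines to their own file. rsyslog has to be reading the
# kernel log for this (imklog — on in the stock Debian/Ubuntu configuration;
# TODO confirm on other distributions).
cat > "$RSYSLOG_CONF" <<EOF
# Firewall drops logged by the ${CHAIN} iptables chain.
:msg,contains,"IPTABLES-DROP" ${LOG_FILE}
# Uncomment to keep these lines out of syslog/kern.log as well:
#& stop
EOF
chmod 0644 "$RSYSLOG_CONF"   # undo the umask 077 for a config file
if ! { systemctl restart rsyslog 2>/dev/null || service rsyslog restart 2>/dev/null; }; then
  printf 'warning: could not restart rsyslog; restart it by hand to activate %s\n' \
    "$RSYSLOG_CONF" >&2
fi

# iptables-restore replaces every table present in the file atomically; the
# explicit `iptables -F` of the original recipe was unnecessary and, with a
# DROP policy, opened a window in which every packet was dropped.
iptables-restore < "$WORK/replaced.save"

if (( assume_yes )); then
  confirmed=1
else
  printf 'New rules are live. Press Enter within %ss to keep them; otherwise\n' "$timeout"
  printf '(or if this session is gone) the saved rules are restored.\n'
  if read -r -t "$timeout"; then
    confirmed=1
  fi
fi
(( confirmed )) || exit 1   # the EXIT trap performs the rollback

printf 'done: dropped packets are logged to %s (pre-change ruleset kept at %s)\n' \
  "$LOG_FILE" "$BACKUP"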