12-02-2003 #1 | Just Joined! | Join Date: Sep 2003 | Posts: 27
IPtables help for rh 8
I need some help with my iptables setup. I've come up with this so far for my /etc/sysconfig/iptables; it seems to work OK. But I have no idea where the logs go, even though I tried specifying them, and I also want to be able to mask others from using NMAP to see what applications are running. Any ideas?
[IPtable]
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
## Drop all incoming fragments
-A INPUT -i eth0 -f -j DROP
## Drop outside packets with localhost address - anti-spoofing measure
-A INPUT -s 127.0.0.0/255.0.0.0 -i ! lo -j DROP
## Drop bad packets
-A INPUT -p ALL -m state --state INVALID -j DROP
## Pass all locally-originating packets
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
## REJECT ICMP ping echo request packets
## (this prevents other people from pinging the machine, among other things)
-A INPUT -p icmp --icmp-type echo-request -j REJECT
## Accept all traffic from a specific machine with IP x.x.x.x
-A INPUT -p tcp -m tcp --syn -s 203.116.0.0/255.255.0.0 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 203.117.0.0/255.255.0.0 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 203.118.0.0/255.255.0.0 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 61.8.192.0/255.255.224.0 -j ACCEPT
## Allow web server access from specific IP range (port 80)
-A INPUT -p tcp -m tcp --syn -s 203.116.0.0/255.255.0.0 --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 203.117.0.0/255.255.0.0 --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 203.118.0.0/255.255.0.0 --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 61.8.192.0/255.255.224.0 --dport 80 -j ACCEPT
## Allow secure web server access from specific IP range (port 443)
-A INPUT -p tcp -m tcp --syn -s 203.116.0.0/255.255.0.0 --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 203.117.0.0/255.255.0.0 --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 203.118.0.0/255.255.0.0 --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --syn -s 61.8.192.0/255.255.224.0 --dport 443 -j ACCEPT
## Accept all inbound ssh traffic
-A INPUT -p tcp -m tcp --syn -s 203.116.1.62 --dport 22 -j ACCEPT
## Allow inbound established and related outside communication
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
## Drop outside initiated connections
-A INPUT -m state --state NEW -j REJECT
## Allow all outbound tcp, udp, icmp traffic with state
-A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p udp -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p icmp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
## Log all inbound and outbound connections
## (a packet is only logged if it reaches these rules; the ACCEPT and REJECT
##  rules above end traversal for most packets before this point)
-A INPUT -j LOG --log-prefix "INPUT packets: "
-A OUTPUT -j LOG --log-prefix "OUTPUT packets: "
COMMIT
[/IPtable]
[syslog.conf]
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
# The authpriv file has restricted access.
authpriv.* /var/log/secure
# Log all the mail messages in one place.
mail.* /var/log/maillog
# Log cron stuff
cron.* /var/log/cron
# Everybody gets emergency messages
*.emerg *
# Save news errors of level crit and higher in a special file.
uucp,news.crit /var/log/spooler
# Save boot messages also to boot.log
local7.* /var/log/boot.log
# IPtables debug log (syslogd does not create /var/log/iptables; the directory must already exist)
kern.=debug /var/log/iptables/firewall.log
# IPtables informational log
kern.=info /var/log/iptables/info.log
# IPtables warnings log (the LOG target's default level; the priority keyword is "warning", not "warnings")
kern.=warning /var/log/iptables/warn.log
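The LOG target logs through the kernel facility at level warning by default, so entries from the rules above land in /var/log/messages via the *.info line of the syslog.conf as well as in any kern.=warning file; they only appear, though, for packets that actually reach a LOG rule, and in the INPUT chain above almost everything is accepted or rejected earlier. The Python below is an added example, not part of the original post: it parses lines carrying the post's "INPUT packets: " and "OUTPUT packets: " prefixes and counts them per chain, source, protocol and destination port. The sample log lines, hostname, MAC and addresses are constructed for the example.

```python
import re
from collections import Counter

# The LOG target writes through the kernel facility, so with the post's prefixes a
# syslog line looks like "... kernel: INPUT packets: IN=eth0 OUT= SRC=... DPT=...".
LOG_RE = re.compile(r"kernel: (?P<chain>INPUT|OUTPUT) packets: (?P<fields>.*)$")
KV_RE = re.compile(r"\b(?P<key>[A-Z]+)=(?P<val>\S*)")

# Constructed sample lines (hostname, MAC and addresses are made up): two telnet SYNs
# that reached the INPUT LOG rule, one GRE packet (PROTO=47) that reached the OUTPUT
# LOG rule because OUTPUT only accepts tcp/udp/icmp, and an sshd line to be ignored.
SAMPLE_LOG = [
    "Dec  2 10:15:32 rh8 kernel: INPUT packets: IN=eth0 OUT= "
    "MAC=00:0c:29:aa:bb:cc:00:50:56:dd:ee:ff:08:00 SRC=192.0.2.10 DST=198.51.100.5 "
    "LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=3391 DF PROTO=TCP SPT=40122 DPT=23 "
    "WINDOW=5840 RES=0x00 SYN URGP=0",
    "Dec  2 10:15:33 rh8 kernel: INPUT packets: IN=eth0 OUT= "
    "MAC=00:0c:29:aa:bb:cc:00:50:56:dd:ee:ff:08:00 SRC=192.0.2.10 DST=198.51.100.5 "
    "LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=3392 DF PROTO=TCP SPT=40123 DPT=23 "
    "WINDOW=5840 RES=0x00 SYN URGP=0",
    "Dec  2 10:15:40 rh8 kernel: OUTPUT packets: IN= OUT=eth0 SRC=198.51.100.5 "
    "DST=203.0.113.9 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=47",
    "Dec  2 10:16:01 rh8 sshd[1234]: Accepted password for admin from 203.116.1.62 port 51122 ssh2",
]


def parse_iptables_log(line):
    """Return the netfilter fields of one LOG line as a dict, or None for other lines."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    fields = m.group("fields")
    rec = {kv.group("key"): kv.group("val") for kv in KV_RE.finditer(fields)}
    rec["chain"] = m.group("chain")
    # Bare tokens such as DF, SYN or ACK carry no '=' and are the packet's flags.
    rec["flags"] = [tok for tok in fields.split() if "=" not in tok]
    return rec


def summarize(lines):
    """Count logged packets per (chain, source, protocol, destination port)."""
    counts = Counter()
    for rec in map(parse_iptables_log, lines):
        if rec is not None:
            counts[(rec["chain"], rec.get("SRC"), rec.get("PROTO"), rec.get("DPT"))] += 1
    return counts


if __name__ == "__main__":
    for key, n in sorted(summarize(SAMPLE_LOG).items(), key=str):
        print(n, key)
```

Point it at /var/log/messages (or the kern.=warning file) once the LOG rules are reachable; repeated SYNs from one source across many destination ports are what a port scan looks like in this summary.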