On Thu, 25 Apr 2002 00:31:04 +1000 "mdevin" <[EMAIL PROTECTED]> wrote:
> Ok, one way of doing this is to set the log-level in your logging > chains and then configure syslog to log entries for that level to a > separate file. For example, you would have a logging chain like: > $IPTABLES -N logdrop > $IPTABLES -A logdrop -j LOG --log-level 4 --log-prefix "Log_Drop" > $IPTABLES -A logdrop -j DROP > > And then you edit /etc/syslog.conf and append the following line: > kern.=warning -/var/log/firewall.log (Nb. line up with tabs) > Then the firewall will log to /var/log/firewall.log as well as syslog Thanks, that works. I chose log-level 7 (debug), I'm not going to do any kernel debugging so I can safely send that to another file and not to /var/log/messages. So that file keeps clean when I'm experimenting with my firewall rules. > The other possibility is to look into the ulog target. This may give > more configurability, but I haven't used it yet. Maybe this is a nicer way of doing it, but this means you have to write a program that listens to a socket, right? Grts Tim -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
