Howdy all,

I'm tired of my iptables logs filling up my dmesg. I see that there is
a --log-level option in iptables, but I'm not sure if this will help. I
believe I've read somewhere that iptables logs as kernel facility unless
you recompile it.

What I'd like to do is have my iptables logs only go to a firewall
directory. To that end, I've done this.

Before my DROP or REJECTS on my INPUT chain, I have:

    iptables -A INPUT -j LOG --log-prefix "FW_INPUT "

Before my DROP or REJECTS on my OUTPUT chain, I have:

    iptables -A OUTPUT -j LOG --log-prefix "FW_OUTPUT "

In my metalog.conf, I have:

    Firewall messages :
      regex = "(FW_INPUT|FW_OUTPUT)"
      logdir = "/var/log/firewall"

This does indeed put my iptables logs in /var/log/firewall, but I don't
want them to also go to my dmesg. Is this possible/easy?
--
Shane Hickey : Nerd
http://www.nerddiary.org
GPG KeyID: 777CBF3F
Key fingerprint: 254F B2AC 9939 C715 278C DA95 4109 9F69 777C BF3F
Listening to: - 04 - names of trees
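
Added example, not part of the original post: a Python sketch of what the setup above does to each kernel record, separating the priority tag (the part --log-level changes) from the prefix match that the metalog regex routes on. It assumes raw kernel records of the form `<priority>[timestamp] message`; the sample records are constructed and the function names are hypothetical.

```python
import re

# Same alternation as the regex in the metalog.conf section above.
FW_REGEX = re.compile(r"(FW_INPUT|FW_OUTPUT)")
# Assumed record layout: optional "<priority>", optional "[ timestamp]", then the message.
KMSG = re.compile(r"^(?:<(\d+)>)?(?:\[\s*[\d.]+\]\s*)?(.*)$")
LEVELS = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Constructed sample records (documentation addresses), not captured traffic.
SAMPLE = [
    "<4>[ 1201.482113] FW_INPUT IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 "
    "LEN=60 TTL=51 PROTO=TCP SPT=40112 DPT=23 SYN",
    "<7>[ 1202.100245] FW_OUTPUT IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.5 "
    "LEN=76 TTL=64 PROTO=UDP SPT=123 DPT=123",
    "<6>[ 1203.000000] eth0: link up, 100Mbps, full-duplex",
]

def parse(record):
    """Split one record into severity, matched prefix and KEY=value fields."""
    m = KMSG.match(record)
    prio, msg = m.group(1), m.group(2)
    # The low three bits of the priority are the severity; None if the tag is absent.
    level = LEVELS[int(prio) & 7] if prio is not None else None
    hit = FW_REGEX.search(msg)
    # Empty values ("OUT=") and bare flags ("SYN") are skipped.
    fields = dict(re.findall(r"\b([A-Z]+)=(\S+)", msg)) if hit else {}
    return {"level": level, "prefix": hit.group(1) if hit else None,
            "firewall": bool(hit), "fields": fields}

def route(records):
    """Approximate the regex section: matching records vs. everything else."""
    fw, other = [], []
    for r in records:
        p = parse(r)
        (fw if p["firewall"] else other).append(p)
    return fw, other

if __name__ == "__main__":
    fw, other = route(SAMPLE)
    for p in fw:
        f = p["fields"]
        print(p["level"], p["prefix"], f.get("SRC"), "->", f.get("DST"),
              f.get("PROTO"), f.get("DPT"))
    print(len(other), "record(s) left outside the firewall log")
```

The routing decision depends only on the prefix match, so a record keeps landing in the firewall set whatever severity its tag carries.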