iptables uses the kern.info logging facility. look at syslog.conf.
* Petre Bandac ([EMAIL PROTECTED]) wrote:
>
> I have in my firewall the following lines:
>
> $IPT -A INPUT -s 0/0 -d $localhost --protocol tcp --dport 22 -j LOG
> --log-prefix -^UNAUTHORIZED_SSH^-
> $IPT -A INPUT -s 0/0 -d $localhost --protocol tcp --dport 22 -j DROP
>
> can I specify a logfile for those messages ? (man iptables says nothing about
> it, and if I want to mention it in syslog.conf, what kind or message would it
> be? info, notice or warn ?
