I also added a line in syslog.conf *.* /var/log/all
but I want a file only for the unauthorized attempts ... On Tuesday 05 March 2002 20:02, Joffer wrote using one of his keyboards: > >===== Original Message From Petre Bandac <[EMAIL PROTECTED]> ===== > >I have in my firewall the following lines: > > > >$IPT -A INPUT -s 0/0 -d $localhost --protocol tcp --dport 22 -j LOG > >--log-prefix -^UNAUTHORIZED_SSH^- > >$IPT -A INPUT -s 0/0 -d $localhost --protocol tcp --dport 22 -j DROP > > > >can I specify a logfile for those messages ? (man iptables says nothing > > about it, and if I want to mention it in syslog.conf, what kind or > > message would it be? info, notice or warn ? > > what I do is use the ulog patch and install ulogd. then i just specify in > the ulogd.conf file where to log. > > -j ULOG --ulog-prefix "inp dropped:" > > I never got it to work with syslog or any other way, though I bet there is > other ways. > > /Christopher Thorjussen > > >thanks in advance, > > > >petre > > > > > >-- > > 7:09pm up 33 min, 1 user, load average: 0.14, 0.07, 0.01 -- 8:05pm up 1:29, 1 user, load average: 0.07, 0.11, 0.09
