Chris, You can get syslogd to use a specific file for all the kernel related messages (at the log priority you specify), this can include the firewall logs.
If you JUST want iptables output, you might want to look into ULOGD, this is an alternate log format that is supported by IPTABLES. Havent had too much experience with this though. Try googling :) You could also try some firewall log analysis tools, there are plenty to pick from at freshmeat. If you just want use syslog, specify a log priority in your iptables script (Something like '--log-level debug' on each LOG rule), then put the following in /etc/syslog.conf kern.=debug /var/log/firewall.log Debug is just an example, you can use any of the log levels specified in man syslog.conf. Restart syslog and you should be set. Cheers, Shane. On Thu, 2003-11-06 at 17:24, Chris Barnes wrote: > Hi everyone, > Simple question, how would I get syslog to write all messages starting > with IPTABLES to a specific file, instead of /var/log/messages. > I've read the syslog.conf man page but I just don't understand the > syntax. > > Thanks heaps > > Chris Barnes -- _______________________________________________________ Shane Machon Proprietor LinSec Consulting 'Specialising in Linux and Internet Security Solutions' Ph: (02) 9979-1222 Fax:(02) 9979-1499 Mob: 0414 229097 Eml: [EMAIL PROTECTED] -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
