Re: Can't get iptables LOG
the reason i have *.* log to that file is for debugging purposes i don't intend to leave it like that
i believe kern.warn should be sufficient to send to that log
is there a way to make it so restarting syslogd w/o restarting klogd doesn't break it?
because syslogd gets restarted every so often by cron
----- Original Message -----
From: "Gian Piero Carrubba" <gp-ml@rm-rf.it>
To: debian-firewall@lists.debian.org
Sent: Thursday, 10 April 2008 03:56:43 PM (GMT+1000) Australia/Sydney
Subject: Re: Can't get iptables LOG
Il giorno Thu, 10 Apr 2008 11:55:41 +1000 (EST)
Mark Chong <mchong@stabat.com> ha scritto:
> kernel.printk = 4 4 1 7
> (havn't restarted but, echo'd values to the proc file)
[...]
> now the interesting thing is
> after restarting klogd
> it sets printk to 7 4 1 7
> this doesn't appear to effect the logging as it will log/not log
> regardless to this value being changed
The only real difference between these two settings is that the system
logs (latter) or doesn't log (the former) "minor"/default kernel
messages to the console.
> syslogconf
> *.* /var/log/iptables.log
Maybe something like kernel.* or kernel.info seems more appropriate...
> after restarting klogd i get the iptables logs it iptables.log
> but after restarting sysklogd it stops!
> then if i restart klogd again it works again
Well, it's a while I don't use sysklogd anymore, but I'd say that you
must restart klogd after syslogd. Failing to do so leads to a "broken
pipe" situation, so that the kernel messages can't be addressed to their
final destination.
Ciao,
Gian Piero.
--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: