Re: Creating a logfile for Netfilter
On Friday 15 June 2001 16:32, Stefan Srdic wrote:
> > If you create a user defined chain something like the following:
> > iptables -N log_droped
> > iptables -A log_droped -j LOG --log-level 1 --log-prefix "droped_::"
> > iptables -A log_droped -j DROP
> > And make all your firewall rules that need to be dropped -j (jump)
> > to this chain then they will be logged at log-level 1 (Alert).
> > Then, if you edit /etc/syslog.conf and append the following line:
> > kern.=alert -/var/log/firewall.log
> > (Nb. line up with tabs)
> > Then syslog will log all logs at level alert to the separate file.
> > Not much else gets logged at level alert so it should be OK and not
> > upset other logging.
Isn't there a problem? Logs at level notice (5) and below are sent to
the console. If host activity is too high, the console will become unusable
(kind of DoS).
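
Added example, not part of the original thread: a small evaluator for sysklogd-style selector fields, showing that the appended `kern.=alert` line adds a destination and does not stop other matching rules from receiving the same firewall messages. Only the `kern.=alert` line comes from the thread; the other rules in the sample config are constructed assumptions, and the code models syslog.conf routing only, not the kernel's own console log level.

```python
import re

# syslog severities, most severe first (0 = emerg ... 7 = debug)
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

def selector_matches(selectors, facility, priority):
    """Evaluate one selector field left to right, as sysklogd does."""
    level = PRIORITIES.index(priority)
    enabled = set()  # severities this rule accepts for `facility`
    for sel in selectors.split(";"):
        facs, _, spec = sel.partition(".")
        if facs != "*" and facility not in facs.split(","):
            continue
        negate = spec.startswith("!")
        spec = spec.lstrip("!")
        exact = spec.startswith("=")
        spec = spec.lstrip("=")
        if spec == "none":            # "none" clears, "!none" enables everything
            chosen, negate = set(range(8)), not negate
        elif spec == "*":
            chosen = set(range(8))
        elif exact:                   # "=alert": that severity only
            chosen = {PRIORITIES.index(spec)}
        else:                         # "alert": that severity and more severe
            chosen = set(range(PRIORITIES.index(spec) + 1))
        enabled = enabled - chosen if negate else enabled | chosen
    return level in enabled

def destinations(conf_text, facility, priority):
    """Return every action whose selector field matches the message."""
    out = []
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        selectors, action = re.split(r"\s+", line, maxsplit=1)
        if selector_matches(selectors, facility, priority):
            out.append(action)
    return out

# Constructed sample config: assumed stock rules plus the line from the thread.
SAMPLE_CONF = """\
# constructed example
kern.*\t\t\t/dev/console
*.info;mail.none;authpriv.none\t/var/log/messages
mail.*\t\t\t-/var/log/maillog
*.emerg\t\t\t*
kern.=alert\t\t-/var/log/firewall.log
"""

if __name__ == "__main__":
    print(destinations(SAMPLE_CONF, "kern", "alert"))
```

With a config like the sample, keeping firewall messages out of the other destinations needs an exclusion such as `kern.!=alert` added to those rules.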