
Re: Creating a logfile for Netfilter



On Fri, Jun 15, 2001 at 08:30:37PM +0200, Jean-Marc Boursot wrote:
> On Friday 15 June 2001 16:32, Stefan Srdic wrote:
> > >
> > > If you create a user defined chain something like the following:
> > >
> > > iptables -N log_droped
> > > iptables -A log_droped -j LOG --log-level 1 --log-prefix "droped_::"
> > > iptables -A log_droped -j DROP
> > >
> > > And make all your firewall rules that need to be dropped -j (jump)
> > > to this chain then they will be logged at log-level 1 (Alert).
> > >
> > > Then, if you edit /etc/syslog.conf and append the following line:
> > > kern.=alert                     -/var/log/firewall.log
> > > (Nb. line up with tabs)
> > >
> > > Then syslog will log all logs at level alert to the separate file. 
> > > Not much else gets logged at level alert so it should be OK and not
> > > upset other logging.
> 
> Isn't there a problem? Logs at level notice (5) and below are sent to 
> the console. If host activity is too high, console will become unusable 
> (kind of DoS).

Use the magic sysrequest key to change the console log level, or use
setterm -msglevel.

-- 
#define X(x,y) x##y
Peter Cordes ;  e-mail: X(peter@llama.nslug. , ns.ca)

"The gods confound the man who first found out how to distinguish the hours!
 Confound him, too, who in this place set up a sundial, to cut and hack
 my day so wretchedly into small pieces!" -- Plautus, 200 BCE
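
An added example, not part of the original thread: once the quoted setup writes LOG output to /var/log/firewall.log, the `droped_::` prefix makes those lines easy to pick out and summarize. The sample lines, the host name `fw`, the addresses and the function names are constructed for illustration.

```python
import re
from collections import Counter

PREFIX = "droped_::"                      # the --log-prefix from the quoted rule
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")   # KEY=value pairs written by the LOG target

# Constructed sample lines in the LOG target's format (documentation addresses).
SAMPLE = """\
Jun 15 20:31:02 fw kernel: droped_::IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.1 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=40122 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 15 20:31:03 fw kernel: droped_::IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.1 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP SPT=40123 DPT=111 WINDOW=5840 RES=0x00 SYN URGP=0
Jun 15 20:31:09 fw kernel: droped_::IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.1 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=3321 SEQ=1
Jun 15 20:31:10 fw kernel: eth0: link up
Jun 15 20:31:11 fw kernel: droped_::IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.1 LEN=40 TOS=0x00
"""

def parse_line(line):
    """Return the KEY=value fields of one logged packet, or None for other kernel messages."""
    _, found, rest = line.partition(PREFIX)
    if not found:
        return None
    return dict(FIELD.findall(rest))

def summarize(text):
    """Count dropped packets per source and per (source, protocol, destination port)."""
    per_src, per_flow, incomplete = Counter(), Counter(), 0
    for line in text.splitlines():
        pkt = parse_line(line)
        if pkt is None:
            continue                      # not produced by the log_droped chain
        if "SRC" not in pkt or "PROTO" not in pkt:
            incomplete += 1               # truncated line: count it, do not guess fields
            continue
        per_src[pkt["SRC"]] += 1
        # ICMP has no DPT field, so fall back to "-"
        per_flow[(pkt["SRC"], pkt["PROTO"], pkt.get("DPT", "-"))] += 1
    return per_src, per_flow, incomplete

if __name__ == "__main__":
    per_src, per_flow, incomplete = summarize(SAMPLE)
    for src, n in per_src.most_common():
        print(f"{src:15} {n} dropped")
    for (src, proto, dpt), n in sorted(per_flow.items()):
        print(f"  {src} {proto} dport={dpt}: {n}")
    print(f"incomplete lines: {incomplete}")
```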


