[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables logging

Tamas TEVESZ, 2001-Jul-23 19:17 +0200:
> On Mon, 23 Jul 2001, Jeff Coppock wrote:
> 
>  >    other than /var/log/syslog.  I'd like these "Refected: " log
>  >    messages to go into /var/log/iptables.log instead.  I can't
>  >    figure out what changes to make to /etc/syslog.conf to make
>  >    this happen.  Any help is appreciated.
> 
> apt-get install syslog-ng
> 
> traditional syslog can't do pattern matching and directing messages
> based on pattern whereas syslog-ng can.

   I've installed syslog-ng and I did some reading and searching.
   I tried to set up the syslog-ng.conf file, but it's doesn't
   recognize the facility I set up for the firewall messages.  I
   inserted the following in their appropriate places and
   restarted syslog-ng and got a message about dropping
   unrecognized facility:
     
   source --> used default source of 'src'
   destination firewall { file("/var/log/firewall.log"); };
   filter dropped {facility(Dropped); };  # iptables LOG prefix
   log { source(src); filter(dropped); destination(firewall); };
   
   Am I even close on the way this should be set up?
   
   thanks,
   jc

-- 

Jeff Coppock		Nortel Networks
Systems Engineer	http://nortelnetworks.com
Major Accts.		Santa Clara, CA
Reply to: