ulogd to multiple logfiles?

To: debian-security@lists.debian.org
Subject: ulogd to multiple logfiles?
From: Felipe Figueiredo <philsf@ufrj.br>
Date: Fri, 30 Mar 2007 13:30:38 -0300
Message-id: <[🔎] 200703301330.38186.philsf@ufrj.br>

Hello,

I am trying to implement a simple NIDS based on fwlogwatch for my gateway, and 
I use ulogd for logging iptables rejected/dropped traffic.

Problem is, I don't want my users blocked because of EVERY traffic they 
generate that gets logged, so I am looking for a way for ulogd to use 
multiple logfiles, based on prefix chosen for rules. So far, I couldn't find 
it in the documentation in /usr/share/doc nor in netfilter's site. 

Does anybody know if it's even possible?

Alternatively, I would be satisfied if fwlogwatch could ignore some selected 
prefixes of my choice, but that seems somewhat harder. Hope I'm wrong.

regards
FF

Reply to:

Prev by Date: Gary Bueltel is in Colorado Springs
Previous by thread: Gary Bueltel is in Colorado Springs
Index(es):
- Date
- Thread