
Re: Logging iptables



On Thu, 25 Apr 2002 00:31:04 +1000
"mdevin" <mdevin@ozemail.com.au> wrote:

> Ok, one way of doing this is to set the log-level in your logging
> chains and then configure syslog to log entries for that level to a
> separate file.  For example, you would have a logging chain like:
> $IPTABLES -N logdrop
> $IPTABLES -A logdrop -j LOG --log-level 4 --log-prefix "Log_Drop"
> $IPTABLES -A logdrop -j DROP
> 
> And then you edit /etc/syslog.conf and append the following line:
> kern.=warning           -/var/log/firewall.log (Nb. line up with tabs)
> Then the firewall will log to /var/log/firewall.log as well as syslog
Thanks, that works. I chose log-level 7 (debug); I'm not going to do any kernel debugging, so I can safely send that to another file and not to /var/log/messages. That way the file stays clean when I'm experimenting with my firewall rules.

> The other possibility is to look into the ulog target.  This may give
> more configurability, but I haven't used it yet.
Maybe this is a nicer way of doing it, but this means you have to write a program that listens to a socket, right?

Grts Tim
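
Added example, not part of the original thread: a Python sketch that summarizes the dropped packets collected in the separate firewall log described above. It assumes the `Log_Drop` prefix from the quoted chain and the usual kernel LOG field layout; the sample lines and addresses are constructed.

```python
import re
from collections import Counter

PREFIX = "Log_Drop"  # the --log-prefix value from the quoted logdrop chain

# Constructed sample lines in the layout the LOG target writes through syslog.
# The prefix has no trailing space, so it runs straight into "IN=".
SAMPLE = """\
Apr 25 00:40:01 gw kernel: Log_DropIN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=1234 DF PROTO=TCP SPT=40000 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Apr 25 00:40:03 gw kernel: Log_DropIN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=1235 DF PROTO=TCP SPT=40001 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Apr 25 00:41:10 gw kernel: Log_DropIN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=78 TOS=0x00 PREC=0x00 TTL=110 ID=777 PROTO=UDP SPT=137 DPT=137 LEN=58
Apr 25 00:41:30 gw kernel: Log_DropIN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=84 TOS=0x00 PREC=0x00 TTL=50 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=4321 SEQ=1
Apr 25 00:42:00 gw kernel: eth0: link up
"""

# Match the prefix with or without a trailing space, anywhere in the line,
# so a kernel timestamp in front of the prefix does not break parsing.
ENTRY = re.compile(re.escape(PREFIX) + r"\s*(IN=.*)")
FIELD = re.compile(r"(\w+)=(\S*)")


def parse_line(line):
    """Return the KEY=value fields of one LOG entry, or None for other lines."""
    match = ENTRY.search(line)
    if match is None:
        return None
    fields = {}
    for key, value in FIELD.findall(match.group(1)):
        # Keep the first occurrence: UDP repeats LEN= and ICMP repeats ID=.
        fields.setdefault(key, value)
    return fields


def summarize(text):
    """Count dropped packets per (source, protocol, destination port)."""
    counts = Counter()
    for line in text.splitlines():
        fields = parse_line(line)
        if fields is None:
            continue  # unrelated kernel message that shares the syslog priority
        key = (fields.get("SRC", "?"), fields.get("PROTO", "?"), fields.get("DPT", "-"))
        counts[key] += 1
    return counts


if __name__ == "__main__":
    # On a real system, read /var/log/firewall.log instead of SAMPLE.
    for (src, proto, dpt), n in summarize(SAMPLE).most_common():
        print(f"{n:4d}  {src:15s} {proto:5s} dpt={dpt}")
```
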

