Re: ipmasq and logging

To: <debian-user@lists.debian.org>
Subject: Re: ipmasq and logging
From: "nate" <debian-user@aphroland.org>
Date: Fri, 16 May 2003 09:16:41 -0700 (PDT)
Message-id: <[🔎] 14676.12.18.184.2.1053101801.squirrel@webmail.linuxpowered.net>
In-reply-to: <[🔎] 3EC51135.6080604@spininternet.com>
References: <[🔎] 3EC51135.6080604@spininternet.com>

Thomas H. George,,, said:
> I have installed ipmasq on a firewall box and would like to review the
> transmissions which are logged and dropped.  As syslog is flooded with
> the exchange of magic numbers, this is not necessarily easy.  From a
> study of other iptable firewalls, I see it is possible to add
> --log-prefix "Dropped" and I have copied ZZZdenyandlog.def to
> ZZZdenyandlog.rul and added a log-prefix to the log rules.  So far I  have
> seen nothing.  Since the firewall box has a 20 Gbyte hard drive (it  is
> hard to buy anything smaller) I would rather redirect the log and  drop
> messages to a seperate file.  Is there some way to do this?

syslog-ng has quite a bit of filtering capabilities built in. you
can filter based on log data and redirect that to a dedicated file if
you want..

nate

Reply to:

References:
- ipmasq and logging
  - From: "Thomas H. George,,," <georgeacct@spininternet.com>

Prev by Date: Re: Making Debian Packages from tar ball files
Next by Date: RE: Don't worry about SCO !!!!!
Previous by thread: ipmasq and logging
Next by thread: Re: ipmasq and logging
Index(es):
- Date
- Thread