[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ipmasq and logging



Thomas H. George,,, said:
> I have installed ipmasq on a firewall box and would like to review the
> transmissions which are logged and dropped.  As syslog is flooded with
> the exchange of magic numbers, this is not necessarily easy.  From a
> study of other iptable firewalls, I see it is possible to add
> --log-prefix "Dropped" and I have copied ZZZdenyandlog.def to
> ZZZdenyandlog.rul and added a log-prefix to the log rules.  So far I  have
> seen nothing.  Since the firewall box has a 20 Gbyte hard drive (it  is
> hard to buy anything smaller) I would rather redirect the log and  drop
> messages to a seperate file.  Is there some way to do this?

syslog-ng has quite a bit of filtering capabilities built in. you
can filter based on log data and redirect that to a dedicated file if
you want..

nate





Reply to: