Re: ipmasq and logging
Thomas H. George,,, said:
> I have installed ipmasq on a firewall box and would like to review the
> transmissions which are logged and dropped. As syslog is flooded with
> the exchange of magic numbers, this is not necessarily easy. From a
> study of other iptable firewalls, I see it is possible to add
> --log-prefix "Dropped" and I have copied ZZZdenyandlog.def to
> ZZZdenyandlog.rul and added a log-prefix to the log rules. So far I have
> seen nothing. Since the firewall box has a 20 Gbyte hard drive (it is
> hard to buy anything smaller) I would rather redirect the log and drop
> messages to a seperate file. Is there some way to do this?
syslog-ng has quite a bit of filtering capabilities built in. you
can filter based on log data and redirect that to a dedicated file if
you want..
nate
Reply to: