From mboxrd@z Thu Jan  1 00:00:00 1970
From: Athan <netfilter@miggy.org>
Subject: Re: how to configure iptables / syslog to log to separate file
Date: Wed, 8 Jan 2003 22:09:37 +0000
Sender: netfilter-admin@lists.netfilter.org
Message-ID: <20030108220937.GF21359@miggy.org>
References: <3E1C89D7.7000706@TemporalArts.com> <1042058254.3e1c8c0e93c83@mail.whstuart.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="3oCie2+XPXTnK5a5"
Return-path: <netfilter-admin@lists.netfilter.org>
Content-Disposition: inline
In-Reply-To: <1042058254.3e1c8c0e93c83@mail.whstuart.com>
Errors-To: netfilter-admin@lists.netfilter.org
List-Help: <mailto:netfilter-request@lists.netfilter.org?subject=help>
List-Post: <mailto:netfilter@lists.netfilter.org>
List-Subscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>,
	<mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-Id: <netfilter.vger.kernel.org>
List-Unsubscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>,
	<mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
List-Archive: <https://lists.netfilter.org/pipermail/netfilter/>
To: Chris Shepherd <chriss@whstuart.com>
Cc: "Randall J. Parr" <RParr@TemporalArts.COM>, netfilter@lists.netfilter.org


--3oCie2+XPXTnK5a5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Jan 08, 2003 at 03:37:34PM -0500, Chris Shepherd wrote:
> Quoting "Randall J. Parr" <RParr@TemporalArts.COM>:
> > Can I, and if so how can I, configure iptables (esp using GuardDog which
> > I use to configure iptables) and/or syslog (ie /etc/syslog.conf, ...) so
> > that my firewall messages are logged into a file other than
> > /var/log/messages?
> >=20
> > I have searched, looked at tutorial, etc. and found this question asked
> > many times but without ever finding a decent answer.
> >=20
> > If it just can not be done, could someone who knows this please state s=
o?
>=20
> Configure Syslog to log a certain log-level to an alternate file, and the=
n just=20
> use  "-j LOG --log-level <level>". ie: if you wanted it to log as a notic=
e,=20
> just setup Syslog to log notices to another file, and drop in a line that=
 reads=20
> like:
>=20
> iptables -A LOGGING_TABLE -j LOG --log-level notice --log-prefix=3D"NF: "

   That's still only a _kernel_ log _priority_.  So it'll still be in the
kernel facility.  But this is still part of the solution *8-).

   You won't be able to guarantee *ONLY* iptables logging in a file,
but you can set --log-level debug and then in /etc/syslog.conf

kernel.=3Ddebug		/var/log/kernel-debug.log

Debug is the level least likely to have stuff generated by other things
normally.

HTH,

-Ath
--=20
- Athanasius =3D Athanasius(at)miggy.org / http://www.miggy.org/
                  Finger athan(at)fysh.org for PGP key
	   "And it's me who is my enemy. Me who beats me up.
Me who makes the monsters. Me who strips my confidence." Paula Cole - ME

--3oCie2+XPXTnK5a5
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj4coaEACgkQzbc+I5XfxKeD+ACfaAh6rBsx+eId5RZNWRUiAn4l
prkAniFPps6V7wppIo5ckNPVxGEkBCqn
=sEiv
-----END PGP SIGNATURE-----

--3oCie2+XPXTnK5a5--