* iptables logging
@ 2007-11-15 20:31 Stephen Clark
2007-11-15 21:16 ` Jan Engelhardt
0 siblings, 1 reply; 3+ messages in thread
From: Stephen Clark @ 2007-11-15 20:31 UTC (permalink / raw)
To: netfilter-devel
Hello,
Is there a way to have iptables LOG using a
facility other than "kern".
I would like to
segregate out the messages from iptables into a
file separate from
/var/log/messages.
Any advice would be appreciated.
Steve
--
"They that give up essential liberty to obtain
temporary safety,
deserve neither liberty nor safety." (Ben Franklin)
"The course of history shows that as a government
grows, liberty
decreases." (Thomas Jefferson)
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: iptables logging
2007-11-15 20:31 iptables logging Stephen Clark
@ 2007-11-15 21:16 ` Jan Engelhardt
2007-11-16 12:24 ` Stephen Clark
0 siblings, 1 reply; 3+ messages in thread
From: Jan Engelhardt @ 2007-11-15 21:16 UTC (permalink / raw)
To: Stephen Clark; +Cc: netfilter-devel
On Nov 15 2007 15:31, Stephen Clark wrote:
>
> Hello,
>
> Is there a way to have iptables LOG using a facility other than "kern".
> I would like to
> segregate out the messages from iptables into a file separate from
> /var/log/messages.
>
> Any advice would be appreciated.
You should use syslog-ng, which allows text matching and filtering.
This is from a regular openSUSE install:
filter f_iptables { facility(kern) and match("IN=") and match("OUT="); };
Or, you can use the ULOG target together with ulogd2.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: iptables logging
2007-11-15 21:16 ` Jan Engelhardt
@ 2007-11-16 12:24 ` Stephen Clark
0 siblings, 0 replies; 3+ messages in thread
From: Stephen Clark @ 2007-11-16 12:24 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: netfilter-devel
Jan Engelhardt wrote:
>On Nov 15 2007 15:31, Stephen Clark wrote:
>
>
>>Hello,
>>
>>Is there a way to have iptables LOG using a facility other than "kern".
>>I would like to
>>segregate out the messages from iptables into a file separate from
>>/var/log/messages.
>>
>>Any advice would be appreciated.
>>
>>
>
>You should use syslog-ng, which allows text matching and filtering.
>This is from a regular openSUSE install:
>
> filter f_iptables { facility(kern) and match("IN=") and match("OUT="); };
>
>Or, you can use the ULOG target together with ulogd2.
>
>
>
>
Hi Jan,
Thanks for taking the time to reply. I'll check them both out.
Steve
--
"They that give up essential liberty to obtain temporary safety,
deserve neither liberty nor safety." (Ben Franklin)
"The course of history shows that as a government grows, liberty
decreases." (Thomas Jefferson)
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2007-11-16 12:24 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-11-15 20:31 iptables logging Stephen Clark
2007-11-15 21:16 ` Jan Engelhardt
2007-11-16 12:24 ` Stephen Clark
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).