* logs
@ 2003-01-20 7:39 Paulo Andre
2003-01-20 7:57 ` logs Eric Leblond
0 siblings, 1 reply; 5+ messages in thread
From: Paulo Andre @ 2003-01-20 7:39 UTC (permalink / raw)
To: netfilter
Would like to know some views on logging netfilter, is using ulogd
better than log...???
paulo
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: logs
2003-01-20 7:39 logs Paulo Andre
@ 2003-01-20 7:57 ` Eric Leblond
0 siblings, 0 replies; 5+ messages in thread
From: Eric Leblond @ 2003-01-20 7:57 UTC (permalink / raw)
To: netfilter
Le lun 20/01/2003 à 08:39, Paulo Andre a écrit :
> Would like to know some views on logging netfilter, is using ulogd
> better than log...???
ulogd depends on a daemon, and daemon can fails.
But, I never see this happen. So the main issue is not this one.
With ulogd you can log directly into a SQL database, and you've got at
least an interface (written in php) to analyse your logs :
http://home.regit.org/ulogd-php.html
(end of self ad)
An other avantage of ulogd is the fact that you can use different output
in the same type (file and sql for example). Furhtermore you can say how
many packet should be log at at time and that can help to avoid I/O
overload.
--
Eric Leblond
mail : eleblond@init-sys.com
^ permalink raw reply [flat|nested] 5+ messages in thread
* logs
@ 2004-04-09 22:07 azeem ahmad
2004-04-09 22:24 ` logs Antony Stone
2004-04-09 22:26 ` logs Jeffrey Laramie
0 siblings, 2 replies; 5+ messages in thread
From: azeem ahmad @ 2004-04-09 22:07 UTC (permalink / raw)
To: netfilter
hi alll
i want to check the logs of iptables to check who is passing throught my
machine. so plz tell me where r its logs and how can i check them
regards
Azeem
_________________________________________________________________
STOP MORE SPAM with the new MSN 8 and get 2 months FREE*
http://join.msn.com/?page=features/junkmail
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: logs
2004-04-09 22:07 logs azeem ahmad
@ 2004-04-09 22:24 ` Antony Stone
2004-04-09 22:26 ` logs Jeffrey Laramie
1 sibling, 0 replies; 5+ messages in thread
From: Antony Stone @ 2004-04-09 22:24 UTC (permalink / raw)
To: netfilter
On Friday 09 April 2004 11:07 pm, azeem ahmad wrote:
> hi alll
> i want to check the logs of iptables to check who is passing throught my
> machine. so plz tell me where r its logs and how can i check them
The LOG target takes an argument --log-level which is what determines how the
log entries are handled by your syslog daemon, according to /etc/syslog.conf
The most likely places for you to find your log entries are:
1. On the console (if you didn't specify --log-level)
2. In /var/log/messages
3. In /var/log/syslog
As for checking the logs to see "who" is passing through your machine.... good
luck :)
Regards,
Antony.
--
These clients are often infected by viruses or other malware and need to be
fixed. If not, the user at that client needs to be fixed...
- Henrik Nordstrom, on Squid users' mailing list
Please reply to the list;
please don't CC me.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: logs
2004-04-09 22:07 logs azeem ahmad
2004-04-09 22:24 ` logs Antony Stone
@ 2004-04-09 22:26 ` Jeffrey Laramie
1 sibling, 0 replies; 5+ messages in thread
From: Jeffrey Laramie @ 2004-04-09 22:26 UTC (permalink / raw)
To: netfilter
On Friday 09 April 2004 18:07, azeem ahmad wrote:
> hi alll
> i want to check the logs of iptables to check who is passing throught my
> machine. so plz tell me where r its logs and how can i check them
> regards
> Azeem
Iptables uses syslog which writes to /var/log/messages file by default.
Jeff
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2004-04-09 22:26 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-01-20 7:39 logs Paulo Andre
2003-01-20 7:57 ` logs Eric Leblond
-- strict thread matches above, loose matches on Subject: below --
2004-04-09 22:07 logs azeem ahmad
2004-04-09 22:24 ` logs Antony Stone
2004-04-09 22:26 ` logs Jeffrey Laramie
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox