Friday, May 30, 2008

iptables and syslog: how to log in a separate file


I definitely hate seeing iptables log entries in /var/log/syslog. No problem, syslog-ng fits my case. Because of package conflicts, installing it implies uninstalling the sysklogd and klogd packages: no problem, syslog-ng does everything they do and much more! Let's see how to configure it to put iptables logs in a separate file.

In your iptables rules you can specify a prefix to be added to each log entry. Here is an example:
iptables -I INPUT -i eth1 -p tcp --dport 22 -j LOG --log-prefix MyIptablesPrefix:
Now that you can distinguish them, configure syslog-ng to put lines matching the prefix in a separate file. Just append the following lines to /etc/syslog-ng/syslog-ng.conf:
destination df_firewall {
    file("/var/log/firewall.log");
};
filter f_firewall {
    match("MyIptablesPrefix:");
};
log {
    source(s_all);
    filter(f_firewall);
    destination(df_firewall);
};
Further, you may want to prevent syslog-ng from appending iptables log entries to /var/log/syslog, so adapt this line:
filter f_syslog { not facility(auth, authpriv); };
as follows:
filter f_syslog { not facility(auth, authpriv) and not match("MyIptablesPrefix"); };
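
The effect of these filters on a few messages, as an added example that is not part of the original post: a small Python model of the two log paths. The sample messages, their facilities and the function names are constructed for illustration; only the filters shown above are modelled, and match() is treated as a plain substring test.

```python
# Added example: models the two syslog-ng log paths from this post.
PREFIX = "MyIptablesPrefix:"

def f_firewall(facility, msg):
    # filter f_firewall { match("MyIptablesPrefix:"); };
    return PREFIX in msg

def f_syslog_default(facility, msg):
    # filter f_syslog { not facility(auth, authpriv); };
    return facility not in ("auth", "authpriv")

def f_syslog_adapted(facility, msg):
    # ... and not match("MyIptablesPrefix");
    return f_syslog_default(facility, msg) and "MyIptablesPrefix" not in msg

def route(facility, msg, f_syslog):
    """Files (of the two modelled here) that receive the message."""
    files = set()
    if f_firewall(facility, msg):
        files.add("/var/log/firewall.log")
    if f_syslog(facility, msg):
        files.add("/var/log/syslog")
    return files

# Constructed sample messages: (facility, message text).
SAMPLES = [
    ("kern", "MyIptablesPrefix:IN=eth1 OUT= SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP SPT=51514 DPT=22"),
    ("daemon", "ntpd[812]: synchronized to 192.0.2.123"),
    ("auth", "sshd[2211]: Accepted publickey for alice from 192.0.2.10"),
    ("user", "MyIptablesPrefix: text written by a local process, not by the kernel"),
]

if __name__ == "__main__":
    for facility, msg in SAMPLES:
        before = sorted(route(facility, msg, f_syslog_default))
        after = sorted(route(facility, msg, f_syslog_adapted))
        print(f"{facility:7} before={before} after={after}")
```

The last sample shows that f_firewall selects on message text alone, so a non-kernel message containing the prefix also lands in /var/log/firewall.log; adding facility(kern) to the filter restricts it to kernel messages.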
