OK, I'm going crazy here trying to get iptables to log packets to a file called /var/log/kern.info.
I've got these rules at the beginning of my chains:

    iptables -A INPUT --source 0.0.0.0/0 --destination 0.0.0.0/0 \
        -j LOG --log-level info --log-prefix 'INPUT packet ' \
        --log-tcp-options --log-ip-options
    iptables -A OUTPUT --source 0.0.0.0/0 --destination 0.0.0.0/0 \
        -j LOG --log-level info --log-prefix 'OUTPUT packet ' \
        --log-tcp-options --log-ip-options

And this line in my /etc/syslog.conf:

    kern.=info      -/var/log/kern.info

But /var/log/kern.info is empty:

    -rw-r----- 1 root adm 0 Jul 30 10:04 /var/log/kern.info

I've stopped and started /etc/init.d/sysklogd and /etc/init.d/klogd multiple times (and in various orders), as well as re-running iptables. I've also tried deleting /var/log/kern.info, changing its ownership and permissions, and all combinations of these things. But still the file remains empty.

I know the configuration files are correct, because I got it working earlier, and iptables is logging stuff to wherever 'dmesg' reads from. But ever since I decided to clear /var/log/kern.info by deleting it and touching it, I can't get sysklogd to put stuff into the file.

What am I missing? And what is the right procedure to clear a log without causing sysklogd / klogd to choke?

Thanks,

Chris

-- 
Christopher S. Swingley          930 Koyukuk Drive
System / Network Manager         University of Alaska Fairbanks
IARC -- Frontier Program         Fairbanks, AK 99775
phone: 907-474-2689              fax: 907-474-2643
email: [EMAIL PROTECTED]         GNUPG and PGP2 keys at my web site
web: http://www.frontier.iarc.uaf.edu/~cswingle