Here is a great place to read all about how --log-level works and about iptables in general…
http://www.linuxguruz.org/iptables/

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of 3bird
Sent: Sunday, April 28, 2002 9:56 AM
To: [EMAIL PROTECTED]
Subject: Lack of basic --log-level understanding.

Hello,

I'm using iptables 1.2.3 and I'm confused with the way '--log-level' works. According to the iptables(8) man it can take numeric arguments. I assume these numeric arguments are 1 to 8 (c.q debug to emerg) as specified in the syslog.conf man:

The priority is one of the following keywords, in ascending order: debug, info, notice, warning, warn (same as warning), err, error (same as err), crit, alert, emerg, panic (same as emerg). The keywords error, warn and panic are deprecated and should not be used anymore. The priority defines the severity of the message

I conclude from this, emphasizing the ascending order note, that "debug" should be '--log-level 1', "info" should be '--log-level 2' etcetera. This makes "warning" '--log-level 7'. However, after experimenting a bit with the --log-level argument in my iptables rules I come to the conclusion that when I specify '--log-level 1' it logs to syslog as priority "warning", and not as priority "debug" as I thought it would and as it should according to my previous interpretation of both man pages.

Likely it's me who's got it all wrong, or it's the numeric argument to iptables' '--log-level' that differs from the order in which the priorities are mentioned in the syslog.conf(5) man.

I'd greatly appreciate an explanation.

Yours sincerely;
3b.
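
An added example, not part of either message above: one way to check which syslog priority a LOG rule actually produces, using the severity numbers from <sys/syslog.h> (0 = emerg through 7 = debug) and the `<N>` prefix that kernel messages carry in /proc/kmsg. The rule, the log lines and the function names are constructed for illustration.

```python
import re
import shlex

# Severity numbers from <sys/syslog.h>: 0 is the most severe, 7 the least.
SEVERITIES = ["emerg", "alert", "crit", "err",
              "warning", "notice", "info", "debug"]
# Deprecated keywords listed in syslog.conf(5).
ALIASES = {"panic": "emerg", "error": "err", "warn": "warning"}

def resolve_level(arg):
    """Return (number, keyword) for a --log-level argument (number or name)."""
    arg = arg.strip().lower()
    if arg.isdigit():
        num = int(arg)
        if num > 7:
            raise ValueError("severity out of range: %s" % arg)
        return num, SEVERITIES[num]
    name = ALIASES.get(arg, arg)
    if name not in SEVERITIES:
        raise ValueError("unknown severity: %s" % arg)
    return SEVERITIES.index(name), name

def rule_log_options(rule):
    """Extract the resolved --log-level and the --log-prefix from a rule."""
    tokens = shlex.split(rule)
    # The LOG target logs at "warning" when --log-level is not given.
    opts = {"--log-level": "warning", "--log-prefix": ""}
    for i, tok in enumerate(tokens[:-1]):
        if tok in opts:
            opts[tok] = tokens[i + 1]
    return resolve_level(opts["--log-level"]), opts["--log-prefix"]

KMSG = re.compile(r"^<(\d+)>(.*)$")

def check(rule, kmsg_lines):
    """For lines carrying the rule's prefix, return (seen keyword, matches rule)."""
    (num, _name), prefix = rule_log_options(rule)
    results = []
    for line in kmsg_lines:
        m = KMSG.match(line)
        if not m or prefix not in m.group(2):
            continue
        sev = int(m.group(1)) & 7   # low 3 bits of <N> are the severity
        results.append((SEVERITIES[sev], sev == num))
    return results

# Constructed sample rule and kernel log lines.
RULE = ('iptables -A INPUT -p tcp --dport 23 -j LOG '
        '--log-level 1 --log-prefix "TELNET: "')
LINES = ["<1>TELNET: IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP DPT=23",
         "<4>OTHER: IN=eth0 OUT= SRC=192.0.2.11 DST=192.0.2.1 PROTO=UDP DPT=53"]

if __name__ == "__main__":
    print(resolve_level("1"), check(RULE, LINES))
```

A syslog daemon's selector such as `kern.warning` matches that severity and every more severe one, so the file a message lands in does not by itself show the level it was logged at.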