hi gari, Thanks for the info. I'll try it and see if it works =)
rgds, roland > ---------------------------------------------------------------------- > > Message: 1 > Date: Wed, 25 May 2005 00:59:11 +0800 > From: [EMAIL PROTECTED] > Subject: Re: [plug] IPTABLES changin default logging. > To: Philippine Linux Users Group Mailing List <[email protected]> > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset=ISO-8859-1 > > > Hi Roland. > > I think netfilter logs are under the facility 'kern' and priority 'warn' in > syslog. But I may be mistaken. > > You can start with the line: > > kern.warn /var/log/iptables > > added to your /etc/syslog.conf and see if your iptables logs goes there. Of > course you have to restart syslogd after editing the config file. > > For more info on logging in linux, please see the syslog.conf manual (man > syslog.conf). > > You can prepend the filename with a - (minus sign) like -/var/log/iptables > specially if you are logging quite a large number of connections. > > On rotating log files, this is done quite differently across > distributions. But > if you have an /etc/logrotate.d/ directory, then you must be using > the logrotate > package. > > Just create a file under /etc/logrotate.d with filename 'iptables' (it can be > any filename you want) that contains: > > /var/log/iptables { > daily > missingok > compress > rotate 7 > create 600 root root > } > > That will cause your logfile to rotate daily and keep a week's worth of > compressed logs that can only be read by root. > > See 'man logrotate' for more options. > > HTH. > > Gari > > Quoting linux board <[EMAIL PROTECTED]>: > > > HI Linux Gurus, > > > > Can you help me with my slight concern here: > > I want to put a logging on my iptables that will go to a praticular > > directory/folder. e.g, (/var/log/iptables) I tried to enable it > > on the iptables but it will go > > through default direcorty (/var/log/messages). Here's my sample script from > > iptables: > > <! snip> IPTABLES -L > > LOG tcp -- anywhere 10.5.1.20 tcp dpt:http LOG > > level warning prefix `DROP_80' > > DROP tcp -- anywhere 10.5.1.20 tcp dpt:http > > LOG tcp -- anywhere 10.5.1.20 tcp dpt:ssh LOG > > level warning prefix `DROP_22' > > DROP tcp -- anywhere 10.5.1.20 tcp dpt:ssh > > > > Can you help me on this? Can it also configured to log rotate daily? Please > > advise. Thanks > > > > Roland Fajardo > > SKY CABLENET > > > > -- _______________________________________________ Check out the latest SMS services @ http://www.linuxmail.org This allows you to send and receive SMS through your mailbox. Powered by Outblaze -- Philippine Linux Users' Group (PLUG) Mailing List [email protected] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
