[WBEL-users] Re: Iptables and syslogd
keith morse
kgmorse at mpcu.com
Mon May 23 12:11:05 CDT 2005
Jean Lee wrote:
> Hello,
>
> I have an iptables firewall which works fine and I am using a LOG chain
> to log denied packets
> It works fine and all the packets are logged to /var/log/messages
>
> Now, I want to log all (and only) these denied packets in a different
> file. For example /var/log/iptables.log.
> I tried a few things in syslog.conf like
>
> iptables.none /var/log/messages
> iptables.* /var/log/iptables.log
>
> But it doesn't work because iptables is not a known facility like cron.
>
> Does anybody knows how to do it ?
>
> Thank you for any answer...
>
I don't think syslog has that fine grain of control. Because of this I've
been using syslog-ng to parse out syslog info to different files. In my
case it was redirecting imap and ipop message to another files besides
/var/log/maillog.
More information about the Whitebox-users
mailing list