Re: Logging IPTables to file using syslogd

From: Duane Dunston (duane@sukkha.info)
Date: 06/19/02


Date: Wed, 19 Jun 2002 13:57:15 -0400 (EDT)
From: Duane Dunston <duane@sukkha.info>
To: <security-discuss@linuxsecurity.com>


First, create a new file in the location you want the logs to go.

touch /var/log/newfile
(You don't want normal users looking at this file, so you change the perms.)

chmod 600 /var/log/newfile

Add the new file to /etc/syslog.conf

kern.* -/var/log/newfile

Refresh syslog to read the new settings.

kill -HUP `cat /var/run/syslogd.pid`

or just restart it altogether.

Check your new file to see if it is collecting the firewall logs.

tail /var/log/newfile

or

tail -f /var/log/newfile (for real-time viewing)

Hope this helps. Let us know if you have more questions.

On Wed, 19 Jun 2002, Pyuesh Daya wrote:

>
> Hi Guys
>
> I have an iptables firewall, and I am looking at logging the firewall logs into a separate file using syslogd. At the present moment, it is being logged to the messages file and a file called firewall. My syslog.conf file is as follows:
>
> kern.* -/var/log/firewall
> *.err;authpriv.none /dev/tty10
> *.err;authpriv.none |/dev/xconsole
> *.emerg *
>
>
>
> mail.* -/var/log/mail
>
> news.crit -/var/log/news/news.crit
> news.err -/var/log/news/news.err
> news.notice -/var/log/news/news.notice
>
> *.=warn;*.=err -/var/log/warn
> *.crit /var/log/warn
>
> *.*;mail.none;news.none -/var/log/messages
>
>
> local0,local1.* -/var/log/localmessages
> local2,local3.* -/var/log/localmessages
> local4,local5.* -/var/log/localmessages
> local6,local7.* -/var/log/localmessages
>
>
> How do I change this so the logging is done to separate files?
>

-- 
duane

Fun reading...well for some. 8-)
http://www.linuxsecurity.com/feature_stories/dsniff-monitoring.html
http://www.linuxsecurity.com/feature_stories/feature_story-89.html
http://www.linuxsecurity.com/feature_stories/feature_story-88.html
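Added example, not part of the original message or of sysklogd: a small Python model of syslog.conf selector matching that shows which destinations receive a firewall log line under the rules quoted above. It assumes iptables LOG entries arrive as kern.warning and follows the selector rules in syslog.conf(5); the SPLIT variant, with kern.none added to the catch-all line, is a constructed assumption and not something stated in the thread.

```python
# Simplified model of sysklogd selector matching (see syslog.conf(5)); added example.
PRI = {"emerg": 0, "alert": 1, "crit": 2, "err": 3,
       "warn": 4, "warning": 4, "notice": 5, "info": 6, "debug": 7}
FACILITIES = ["auth", "authpriv", "cron", "daemon", "kern", "lpr", "mail",
              "news", "syslog", "user", "uucp"] + [f"local{i}" for i in range(8)]

def line_mask(selectors):
    """Return {facility: priority bitmask} for one selector field (bit 0 = emerg)."""
    mask = dict.fromkeys(FACILITIES, 0)
    for sel in selectors.split(";"):      # later selectors override earlier ones
        facs, pri = sel.rsplit(".", 1)
        targets = FACILITIES if facs == "*" else facs.split(",")
        negate, pri = pri.startswith("!"), pri.lstrip("!")
        single, pri = pri.startswith("="), pri.lstrip("=")
        for fac in targets:
            if pri == "none":             # facility.none drops the facility
                mask[fac] = 0
            elif pri == "*":
                mask[fac] = 0 if negate else 0xFF
            else:
                n = PRI[pri]
                # "=pri" is that level only; plain "pri" means pri and higher
                bits = (1 << n) if single else (1 << (n + 1)) - 1
                mask[fac] = mask[fac] & ~bits if negate else mask[fac] | bits
    return mask

def destinations(conf, facility, priority):
    """List every action that receives a facility.priority message."""
    hits = []
    for line in conf.strip().splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        selectors, action = line.split(None, 1)
        if line_mask(selectors)[facility] & (1 << PRI[priority]):
            hits.append(action.lstrip("-"))   # leading "-" only disables sync
    return hits

# Subset of the rules from the quoted message.
POSTED = """
kern.* -/var/log/firewall
*.err;authpriv.none /dev/tty10
*.emerg *
*.=warn;*.=err -/var/log/warn
*.crit /var/log/warn
*.*;mail.none;news.none -/var/log/messages
"""
# Constructed variant (assumption): new kern.* target plus kern.none on the catch-all.
SPLIT = POSTED.replace("/var/log/firewall", "/var/log/newfile") \
              .replace("news.none", "news.none;kern.none")
if __name__ == "__main__":
    print(destinations(POSTED, "kern", "warning"), destinations(SPLIT, "kern", "warning"))
```

Each rule line is evaluated independently, so a message is written to every line whose selector matches it, not only to the first.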
