[TriLUG] iptables logging ! >/dev/console
Brian A. Henning
lugmail at cheetah.dynip.com
Mon Mar 1 15:48:31 EST 2004
Hi folks,
I have my iptables set to log packets that are destined to be dropped,
with the hope of being able to discover trends in the undesirable stuff
coming my way and perhaps create more efficient rules to deal with them.
So here's my issue: iptables uses the syslog logging mechanism, with its
messages apparently falling under the kern facility. Is there a way to
configure syslogd to separate out messages from iptables for logging in a
separate file? Or at least to stop iptables log messages from getting sent
to the console, but without precluding all other kernel messages from going
to the console? I can later grep out the iptables messages from
/var/log/messages with a perl script if necessary.
My immediate concern is to stop iptables messages from going to the
console, as they can at times come frequently enough to severely interfere
with useful console interaction.
Thanks for the help,
~Brian
More information about the TriLUG
mailing list