dominant 04-19-2004 12:20 PM

Separate firewall logs and general logs
I have installed a SUSE 9.0 pro.
The kernel messages go to /var/log/messages
The firewall messages go to /var/log/warn and messages as well. So, i want the firewall messages to go only to /var/log/warn.

Can this be done?

mardanian 04-19-2004 12:46 PM

i am using these lines in my iptables rules set to logs. However all logs goes to /var/log/messages file

#/sbin/iptables -A INPUT -j LOG --log-prefix "input "
#/sbin/iptables -A OUTPUT -j LOG --log-prefix "output "
#/sbin/iptables -A FORWARD -j LOG --log-prefix "forward "

dominant 04-19-2004 01:54 PM

I mean configuring the /etc/syslog.conf
Does anyone know the exact configuration?

unSpawn 04-20-2004 02:26 AM

Can't. Netfilter (the kernel component of Linux firewalling) logs under a fixed facility and priority. You can't change that, the only thing you can do is make output go/copy output. If you want reporting, try using a firewall log parser (see Freshmeat).

