LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (http://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Firewall log file, how to make several different log files with IPTables? (http://www.linuxquestions.org/questions/linux-newbie-8/firewall-log-file-how-to-make-several-different-log-files-with-iptables-686583/)

newtovanilla 11-27-2008 04:01 AM

Firewall log file, how to make several different log files with IPTables?
 
I am a newbie to Linux, and have been trying to figure out how to set the log file names for the Firewall, and how I can have several different log files that log different things. After a google search, I found that the Linux Firewall uses IPTables, and I found that there is a log for IPTables.

How can I get several different log files with IPTables and set the log file names?

jstephens84 11-27-2008 10:58 AM

So if I understand you correctly you want say a Log for Incoming, and Outgoing, or more like, Log for Information, Warnings, and Attacks.

newtovanilla 11-27-2008 02:36 PM

Yeah, a Firewall log. How to set the log file name and how to have several different log files to use for the Firewall?

salter 11-27-2008 10:40 PM

Have a read on the subject at http://www.cyberciti.biz/tips/force-...-log-file.html
It should answer the question

jstephens84 11-27-2008 11:24 PM

Quote:

Originally Posted by salter (Post 3357348)
Have a read on the subject at http://www.cyberciti.biz/tips/force-...-log-file.html
It should answer the question

Great link but I think (could be completly wrong) but the OP wants to log certain events to two different logs. Like normal events to say a log called info.log and say intrusion messages to say a intrusion.log. But as I said I could be really off on what he is requesting.

newtovanilla 11-28-2008 12:39 PM

Quote:

It should answer the question
Yeah, that helps. Thanks for the link to it.


Quote:

Just to let you all know. Even though you are setting this to log to /var/log/iptables.log, it still logs into /var/log/messages.

I am working on a fix for this.
How does it know to log the Firewall stuff into "/var/log/iptables.log" and can I add a couple of different files such as "/var/log/iplog1.log" "/var/log/iplog2.log" and "/var/log/iplog3.log"? It does not explain how to do that! And, it does not explain what name I can use for the log? And it does not explain how to tell IPTables what log files I want it to use, so how does it know to use the new log files?

Also, I could not find out about the log levels option and how to use it. The man page says to look at "syslog.conf(8)" and I can not find anything about log levels. There is no: man 8 syslog.conf???

Is there a commnad line to get your Firewall log level?


All times are GMT -5. The time now is 07:53 AM.