Custom log file using iptables
Hi ,
I'd like to trace down ftp clients activity .For that purpose I added the string in /etc/syslog.conf :
kern.warning /var/log/iptables-ftp.log
and ran iptables rule like :
iptables -A INPUT -p tcp -m tcp --dport 21 -j LOG --log-prefix " FTP access "
I assumed that all messages related to this rule will be redirected to the new /var/log/iptables-ftp.log file but I see them in /var/log/messages as well .
Mar 17 10:30:04 SDR kernel: FTP access IN=eth0 OUT= MAC=00:15:32:7c:4f:62:00:0a:d7:5c:23:1a:08:00 SRC=192.127.12.345 DST=10.10.0.34 LEN=40 TOS=0x00 PREC=0x00 TTL=108 ID=56143 DF PROTO=TCP SPT=1341 DPT=21 WINDOW=65474 RES=0x00 ACK FIN URGP=0
How to configure syslog that all logs will appear only in custom log file ?
Thanks .
|