LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page iptables logging to 3 log files
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 07-21-2010, 03:13 PM   #1
peridot121
LQ Newbie
 
Registered: Jul 2009
Posts: 15

Rep: Reputation: 2
Question iptables logging to 3 log files

Hi,

Whether I use ufw or firestarter to populate my iptables, my firewall logs get written to 3 different log files:
/var/log/messages
/var/log/kern.log
/var/log/syslog
I want to keep the logging turned on, but I'd rather it not log to syslog, as it's obscuring other events in syslog that I'd like to see. I'm using rsyslog on Ubuntu. I looked around online and found one person suggesting I add this to the top of rsyslog.conf:

kern.* -/var/log/kern.log
kern.* ~

I did that and restarted rsyslog, but it's still logging to the same 3 files. Can anyone help?

Thanks!
 
Old 07-22-2010, 05:23 AM   #2
JZL240I-U
Senior Member
 
Registered: Apr 2003
Location: Germany
Distribution: openSuSE Tumbleweed-KDE, Mint 21, MX-21, Manjaro
Posts: 4,629

Rep: Reputation: Disabled
Wouldn't that be handled by ulogd and ulogd.conf respectively?

http://linux.die.net/man/8/ulogd
 
Old 07-22-2010, 06:13 PM   #3
peridot121
LQ Newbie
 
Registered: Jul 2009
Posts: 15

Original Poster
Rep: Reputation: 2
I don't have ulogd. What handles the logging is rsyslogd and rsyslog.conf.
 
Old 07-28-2010, 05:33 AM   #4
vikas027
Senior Member
 
Registered: May 2007
Location: Sydney
Distribution: RHEL, CentOS, Ubuntu, Debian, OS X
Posts: 1,305

Rep: Reputation: 107Reputation: 107
I find no reason to remove this from syslog.

If the disk utlization is the problem for you, you can use logrotate utlitiy.

Get back if you need more details on that or rather you can try google-ing it.
 
Old 07-30-2010, 05:50 PM   #5
peridot121
LQ Newbie
 
Registered: Jul 2009
Posts: 15

Original Poster
Rep: Reputation: 2
I do use logrotate. The problem is that there are so many entries that they obscure other entries that I would like to be more visible. Also, I don't really see the point of putting them into three different log files, especially when there is a high potential volume.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Firewall log file, how to make several different log files with IPTables? newtovanilla Linux - Newbie 5 11-28-2008 12:39 PM
Access log-files without logging in as root Bl4deRunner Linux - Security 2 04-10-2006 05:28 AM
Apache 2.0 | logging | Recording the host name in the log files ganz_friedrich Linux - Software 2 02-16-2006 03:06 PM
Deleted /var/log/messages, can't log any files-iptables chingyenccy Linux - Newbie 7 02-27-2005 04:03 PM
IPTables logging going to console not the log file arobinson74 Linux - Networking 2 04-01-2003 01:20 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 03:14 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration