Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] 108.0.0.0/8



On Fri, Jul 15, 2011 at 09:56:56PM -0400, David Kramer wrote:
> While I'm on this winning streak, let me ask one question I've never
> been able to get an answer on: I *HATE* the fact that all these iptables
> log messages take over /var/log/messages.  I've seen ways of writing
> them elsewhere in addition to /var/log/messages, and I've seen ways of
> writing all kernel warnings to another file, but never a way of writing
> just iptables output (and all of iptables output) to just
> /var/log/iptables.log (or whatever).   Is there a way?

IIRC, there's not much you can do here, as all messages from the
kernel are logged to the kern facility. AFAIK there's no way to
change that even for all kernel messages, never mind selectively.  You
can use iptables --log-level to change the level of the messages, and
then send messages of only that level to a different file (that is,
kern.=$level, where $level = the syslog level you chose).  Short of
that, you'd probably have to patch your kernel to have it use a
different facility, for find/write an iptables module to have your
logging done by an external program.

If you're willing to write code, you can do just about anything. :)

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail due to spam prevention.  Sorry for the inconvenience.




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org