iptables issue?

[david-8uUts6sDVDvs2Lz0fTdYFQ at public.gmane.org (David Kramer)]

jkinz-+hffLmS/kj4 at public.gmane.org wrote:
> On Thu, Dec 25, 2008 at 11:35:09AM -0500, David Kramer wrote:
> ..........
>> 6) This is a side question, but how can I get firewall messages to go to 
>> some other file than /var/log/messages?  I get so many it's impossible 
>> to find other messages.
> 
> Procedure to log the iptables messages to a different log file
> 
> Open your /etc/syslog.conf file:
> # vi /etc/syslog.conf
> Append following line
> kern.warning /var/log/iptables.log
> Save and close the file.
> 
> Restart the syslogd (Debian / Ubuntu Linux):#
> /etc/init.d/sysklogd restartOn the other hand, use following
> command to restart syslogd under Red Hat/Cent OS/Fedora Core
> Linux:# /etc/init.d/syslog restart

I jut tried that (only it's rsyslog on Fedora 8).  It created an empty 
/var/log/iptables.log, and the firewall messages are still going to 
/var/log/messages.

> Now make sure you pass the log-level 4 option with log-prefix to
> iptables. For example:
> # DROP everything and Log it
> iptables -A INPUT -j LOG --log-level 4
> iptables -A INPUT -j DROP

...except I don't know how/where the rules are loaded and saved, as I 
said in my last message.  "iptables -L | wc -l" says I have over 200 
rules, and I'm NOT typing them all in by hand to recreate my current 
setup, and have no idea what would survive a reboot.

> Jeff Kinz
> (escaping the sound of the kid's new video games being played
> fullblast thru the stereo system,  Happy Christmas! ) 

I hear that.  We got "Wii Music".

Thanks.