On 08/01/2011 03:23 PM, Kenneth Porter wrote:
> --On Wednesday, July 20, 2011 10:44 AM -0500 cbulist@xxxxxxxxx wrote:
>
>> We are trying to track some specific rules using LOG as target.
>> Everything is working well but the problem is that iptables is
>> flooding the console with LOG messages.
>
> In addition to the other suggestions, you could switch to rsyslog,
> included in CentOS base. It provides much more flexible filtering
> options. Add a unique string to your iptables log lines and match on it
> to divert all of its logs to a separate file (or virtual console).
>
> After switching to rsyslog, my /var/log/messages rarely gets a new
> message, as I've diverted everything to subsystem-specific log files.
> (Remember to add logrotate entries for them so your disk doesn't fill up.)
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos

Here is an example using rsyslog:

note log-level7 is kern.debug

iptables log line:
-A ACCEPTnLOG -m limit --limit 30/min -j LOG --log-level 7 --log-prefix "fw (ACCEPTnLOG) "

part of rsyslog.conf - first don't log kern.debug messages to /var/log/messages
...
*.info;kern.!=debug;mail.none;authpriv.none;cron.none /var/log/messages
...
#put messages that start with "fw " in /var/log/firewall.log
:msg, startswith, "fw " -/var/log/firewall.log

-- 
Stephen Clark
NetWolves
Sr. Software Engineer III
Phone: 813-579-3200
Fax: 813-882-0209
Email: steve.clark@xxxxxxxxxxxxx
http://www.netwolves.com
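Added example (not part of the original messages): once the LOG lines are diverted to /var/log/firewall.log, the chain name embedded in the "fw (<chain>) " prefix lets you count hits per rule and spot lines that do not belong in the file. The sample lines are constructed, the DROPnLOG tag and the function names are hypothetical, and the parser assumes the usual kernel LOG layout of KEY=value fields plus bare flags.

```python
import re
from collections import Counter

# Constructed sample lines using the prefix convention from the message above.
# Addresses are documentation ranges; "DROPnLOG" is a hypothetical second chain.
SAMPLE = """\
Aug  1 15:30:01 gw kernel: fw (ACCEPTnLOG) IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4242 DF PROTO=TCP SPT=51234 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Aug  1 15:30:07 gw kernel: fw (ACCEPTnLOG) IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4250 DF PROTO=TCP SPT=51240 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Aug  1 15:30:09 gw kernel: fw (DROPnLOG) IN=eth0 OUT= MAC=00:16:3e:00:00:01:00:16:3e:00:00:02:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=72 TOS=0x00 PREC=0x00 TTL=51 ID=0 DF PROTO=UDP SPT=40000 DPT=53 LEN=52
Aug  1 15:30:12 gw kernel: eth0: link up
"""

# "kernel: ", an optional printk timestamp, then the "fw (<tag>) " prefix.
LINE_RE = re.compile(r"kernel: (?:\[\s*[\d.]+\] ?)?fw \((?P<tag>[^)]+)\) (?P<fields>.*)$")

def parse_line(line):
    """Return a dict for a LOG line carrying the "fw (<tag>) " prefix, else None."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    rec = {"tag": m.group("tag"), "flags": []}
    for tok in m.group("fields").split():
        key, sep, val = tok.partition("=")
        if sep:
            rec[key] = val            # KEY=value fields (value may be empty, e.g. OUT=)
        else:
            rec["flags"].append(tok)  # bare tokens such as DF, SYN, ACK
    return rec

def summarize(text):
    """Count hits per (tag, PROTO, DPT); collect lines that lack the prefix."""
    hits, strays = Counter(), []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            strays.append(line)
        else:
            hits[(rec["tag"], rec.get("PROTO"), rec.get("DPT"))] += 1
    return hits, strays

if __name__ == "__main__":
    hits, strays = summarize(SAMPLE)
    for (tag, proto, dpt), n in hits.most_common():
        print(f"{n:4d}  {tag:12s} {proto}/{dpt}")
    print(f"{len(strays)} line(s) without the fw prefix")
```

Any stray line reported for the real firewall.log means something other than the tagged LOG rules is being written there.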