Re: IPTables logging

On Monday 03 February 2003 10:38 pm, Patrick Topping wrote:
> Is it possible to have iptables log to some other file than the
> messages file on a linux server??  I would like to be able to have a
> log file of just iptables info and not all the other system info. 
> Thanks in advance.
>
> -Patrick

How you do this will depend on your Linux distribution, but the following 
is the general method that works in most cases.

Edit your /etc/syslog.conf file and add the following line:

kern.=debug 	 /var/log/firewall

This will tell it to send Kernel logging messages (Netfilter is part of 
the kernel, after all) of level "debug" to the listed file.  In normal 
usage, most people have very little kernel debug logging traffic.  You 
WILL have other messages occasionally, but unless you are actually 
debugging a kernel build they will be minimal.

You will need to restart the syslogd daemon after this change.  On many 
systems this can be done (as root) with:

service syslog restart

Or by simply restarting the machine.

The final ingredient is to append "--log-level 7" to all your iptables 
log rules, telling it to log as debug-level messages, which you've 
already told syslog to write to their own file.

j

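The three pieces the reply describes (the syslog selector, the syslog.conf check, and a LOG rule sent at level 7), put together as a small shell example; this is added here and is not the poster's own script. It assumes classic sysklogd-style syslog.conf syntax, uses constructed sample files so it runs offline, and adds a `--log-prefix` and a `-m limit` rate limit so firewall lines can be told apart from other kernel debug traffic and cannot flood the log partition.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes sysklogd-style
# /etc/syslog.conf syntax; paths and prefixes are illustrative.

# 1. The selector line from the reply: kernel messages of exactly
#    priority debug go to their own file.
firewall_selector() {
    printf 'kern.=debug\t\t/var/log/firewall\n'
}

# 2. Build an iptables LOG rule for a chain. --log-level 7 (debug)
#    makes syslog route it via the selector above; --log-prefix tags the
#    line; -m limit caps how fast a scan can fill the log.
firewall_log_rule() {
    chain="$1"; prefix="$2"
    printf 'iptables -A %s -m limit --limit 5/min -j LOG --log-prefix "%s " --log-level 7\n' "$chain" "$prefix"
}

# 3. Check that a syslog.conf (path in $1) has an exact-priority
#    kern.=debug selector pointing at the firewall file (a leading "-"
#    before the path, meaning asynchronous writes, is accepted).
has_firewall_selector() {
    grep -Eq '^[[:space:]]*kern\.=debug[[:space:]]+-?/var/log/firewall' "$1"
}

# 4. Count lines in a log file ($1) carrying a given prefix ($2), e.g. to
#    see how many packets a rule has logged.
count_prefix() {
    grep -c -- "$2" "$1"
}

# Constructed sample syslog.conf for offline use.
sample_conf=$(mktemp)
cat >"$sample_conf" <<'EOF'
*.info;mail.none;authpriv.none   /var/log/messages
kern.=debug                      /var/log/firewall
EOF

# Constructed sample /var/log/firewall content (private addresses).
sample_log=$(mktemp)
cat >"$sample_log" <<'EOF'
Feb  3 22:40:01 gw kernel: IPT-DROP IN=eth0 OUT= SRC=192.168.1.20 DST=192.168.1.1 PROTO=TCP DPT=23
Feb  3 22:40:05 gw kernel: IPT-DROP IN=eth0 OUT= SRC=192.168.1.21 DST=192.168.1.1 PROTO=UDP DPT=161
Feb  3 22:41:00 gw kernel: usb 1-1: new device found
EOF
```

Note that `kern.=debug` only adds a copy to /var/log/firewall; the same lines still reach /var/log/messages unless that catch-all selector excludes them (for example with `kern.!=debug`).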