On Tuesday 01 April 2003 04:58 am, Michael Klinteberg wrote:
> ---------- Original Message ----------------------------------
> From: Joel Newkirk <netfilter@xxxxxxxxxx>
> Reply-To: netfilter@xxxxxxxxxx
> Date: Tue, 1 Apr 2003 03:41:48 -0500
>
> >I was curious to hear what people might have as a 'wishlist' for
> >iptables/netfilter capabilities. Every once in a while something comes
> >up here that simply doesn't seem to have a good solution.
> >My hope is that many of our personal wishes may already be possible, and
> >by voicing them someone who has a solution may post it. And for
>
> >2 - completely separate netfilter logging from kernel log streams. (not
> >just redirecting infrequently-used kernel streams, but actual
> >dedicated netfilter streams)
>
> Ohh yes!!! This is also "a must have". An extension to this would
> be to log to different files for different rules. Something like
> iptables -A INPUT -s bad.host.net --log-file /var/log/netfilter/bad.hosts -j LOG

That can be 'fudged' right now by using --log-level debug and --log-level notice, for instance, then redirecting kern.=debug to one file and kern.=notice to another from /etc/syslog.conf. Both streams usually have very little traffic.

j
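The per-rule split described in the reply, written out as an added example (not from the thread): two LOG rules tagged with different syslog priorities, the matching /etc/syslog.conf lines, and a small selector check that shows why the `=` in `kern.=debug` matters. The iptables commands are only echoed (dry run), and the host name, prefixes and file paths are made up.

```shell
#!/bin/sh
# Added example, not the list's or netfilter's own code. iptables commands
# are echoed rather than run so this works without root; drop the "echo"
# inside log_rule to apply them. Names and paths below are constructed.

# syslog priority names in their numeric order (emerg=0 ... debug=7)
PRIOS="emerg alert crit err warning notice info debug"

prio_num() {                      # map a priority name to its number
    n=0
    for p in $PRIOS; do
        [ "$p" = "$1" ] && { echo "$n"; return; }
        n=$((n + 1))
    done
    echo -1
}

# One LOG rule per stream: the priority selects the syslog.conf line that
# will catch it, the prefix keeps the lines greppable inside that file.
log_rule() {                      # $1=chain $2=source $3=priority $4=prefix
    echo iptables -A "$1" -s "$2" -j LOG --log-level "$3" --log-prefix "$4"
}

# syslog.conf selector semantics: "kern.=debug" matches only debug, while
# "kern.debug" matches debug AND every more severe priority, so without
# the "=" the file would receive all kernel messages, not just this stream.
selector_matches() {              # $1=selector (e.g. kern.=debug) $2=priority
    sel=${1#kern.}
    want=$(prio_num "${sel#=}"); have=$(prio_num "$2")
    case $sel in
        =*) [ "$have" -eq "$want" ] ;;
        *)  [ "$have" -le "$want" ] ;;
    esac
}

# File a kern message of the given priority lands in under the two
# syslog.conf lines printed below (anything else stays in the default log).
route() {                         # $1=priority
    selector_matches 'kern.=debug'  "$1" && { echo /var/log/netfilter/bad.hosts; return; }
    selector_matches 'kern.=notice' "$1" && { echo /var/log/netfilter/other; return; }
    echo /var/log/messages
}

log_rule INPUT bad.host.net debug  'NF-BAD: '
log_rule INPUT 0/0          notice 'NF-OTHER: '
# /etc/syslog.conf lines (older syslogd requires a tab between the fields)
printf '%s\n' 'kern.=debug	/var/log/netfilter/bad.hosts' \
              'kern.=notice	/var/log/netfilter/other'
```

The LOG rules must precede any DROP or REJECT for the same traffic, and each stream only stays quiet if nothing else in the kernel logs at that priority.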