On Thu, 2003-10-02 at 10:40, Lasse B. Jensen wrote: > > Is it possible to change the log format of iptables? As others have pointed out this is not possible, however it might make a nice feature to be added in. I've noticed that in high bandwidth environments what chokes throughput the most is logging. This materializes as the boxes throughput topping out quicker as well as garbled/partial log entries being written. I *strongly* feel that one of Netfilter's biggest strengths is the level of detail in the logs and would hate to see that change. When your pushing high speeds however, your choices come down to collecting verbose info (and thus limiting throughput) or not collecting log entries. An option that permits a terse log format (say IPs, ports & transport only) might be a nice balance. Just my $.02, Chris
