lucas wrote:
Morning
all,
I have the following in my firewall script, and to my knowledge this is
meant to stop all logs from going to all ttys but this is not the case
and its a real *pain* in the ass.
$IPTABLES -N drop-and-log-it
$IPTABLES -A drop-and-log-it -j LOG --log-level info
$IPTABLES -A drop-and-log-it -j DROP
If someone could give me a hint as to what i have overlooked that would
be much appreciated, thanks
Iptables logging is handled by syslog and the output will go to the
same tty/file as the rest of the kernel messages. Your chain sets the
log level to kern.info, logs the packet, then drops it. To change the
output you can edit your /etc/syslog.conf file.
Jeff
|
