Hi,

I am logging what our firewall is dropping (with the -j LOG option), and the log file is enormous (2+ Gb a day). I was wondering if it is possible to define what goes into the log.

Currently it gives this:

Oct 24 14:46:52 MEGALOMANIA kernel: IN=br0 OUT=br0 PHYSIN=eth1 PHYSOUT=eth0 SRC="" DST=192.38.103.193 LEN=92 TOS=0x00 PREC=0x00 TTL=128 ID=27977 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=60760

But all I am interested in is the time, src, dst and len variables; everything else is not needed for our logging. Can you adjust this? If so, how?

Thanks,
Thomas Hanson
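
An added example, not part of the original post: a filter applied after logging that reduces each LOG-target line to the timestamp, SRC, DST and LEN fields asked about above. The function names `trim_fw_log` and `sample_lines`, the host name `fw` and the sample lines (documentation addresses) are constructed for illustration; the filter also covers UDP and ICMP-error lines, where LEN= or SRC=/DST= appear a second time.

```shell
#!/bin/sh
# Added example: trim netfilter LOG lines to time, SRC, DST and LEN.

# Constructed sample input: one ICMP line, one UDP line (which carries a
# second LEN= for the UDP length) and one unrelated syslog line.
sample_lines() {
    cat <<'EOF'
Oct 24 14:46:52 fw kernel: IN=br0 OUT=br0 PHYSIN=eth1 PHYSOUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=92 TOS=0x00 PREC=0x00 TTL=128 ID=27977 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=60760
Oct 24 14:46:53 fw kernel: IN=br0 OUT=br0 SRC=192.0.2.11 DST=198.51.100.7 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=5353 DPT=53 LEN=58
Oct 24 14:46:54 fw sshd[411]: Accepted publickey for admin
EOF
}

# Reads syslog lines on stdin, writes one trimmed line per logged packet.
trim_fw_log() {
    awk '
    # Only LOG-target lines carry both an IN= and a SRC= field.
    / IN=/ && / SRC=/ {
        src = ""; dst = ""; len = ""
        for (i = 4; i <= NF; i++) {
            # Keep the first occurrence only: UDP lines repeat LEN= and
            # ICMP error lines embed the header of the offending packet.
            if (src == "" && $i ~ /^SRC=/) src = $i
            else if (dst == "" && $i ~ /^DST=/) dst = $i
            else if (len == "" && $i ~ /^LEN=/) len = $i
        }
        # Fields 1-3 are the classic syslog timestamp, e.g. Oct 24 14:46:52.
        print $1, $2, $3, src, dst, len
    }'
}

sample_lines | trim_fw_log
```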