RE: Logging to separate file

"Mark E. Donaldson" <markee@xxxxxxxxxxxxxxx> · Fri, 12 Dec 2003 20:08:10 -0800

This should work:

# syslog.conf:
kern.=debug   
/var/log/iptables

# IPTables 
Configuration:
 ... -j LOG --log-level debug

This 
is the exact configuration I use and it works fine.  You are remembering to 
restart the syslog daemon after changes, correct?  
kill 
-HUP syslogd.pid or /etc/init.d/syslog 
restart

From: netfilter-admin@xxxxxxxxxxxxxxxxxxx 
[mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of jon 
west
Sent: Tuesday, December 09, 2003 12:45 PM
To: 
netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Logging to separate 
file

I'm trying to get logging working, again.  It was logging to 
/var/log/messages and I tried to move it to /var/log/iptables.  Now I can't 
get it to log to either.

Redhat 9 on Intel box
sysconfig.conf:
(first or last line, didn't work either 
way)
kern.=debug   /var/log/iptables

IPTables Configuration:
 ... -j LOG --log-level debug

I also tried:
syslog.conf
*.=debug  /var/log/iptables

IPTables configuration:
... -j LOG --log-level debug

I also tried to delete all the things I added to syslog.conf then set the 
IPTables configuration to just "-j LOG" but it doesn't work either.

When I do an /sbin/iptables -L -vn, it says the packets are logged (then 
dropped on the next line) but I cannot get it to write to any files.

Any help?

syslog.conf (right now):
kern.=debug  
/var/log/iptables
*.info;mail.none;authpriv.none;cron.none;local6.none  
/var/log/messages
authpriv.*  /var/log/secure
mail.*  
/var/log/maillog
cron.*  /var/log/cron
*.emerg  
*
uucp,news.crit  /var/log/spooler
local7.*  
/var/log/boot.log
local6.*  /var/log/dhcp.log

Thanks.

Do you Yahoo!?
New 
Yahoo! Photos - easier uploading and sharing