On Mon, January 30, 2006 07:39, openbsd shen wrote: > When I use "--log-level emerg" or "warn"... the messages will be > output to /var/log/messages and the standard output (screen), now I > want to filtrate the output messages instant for get the useful > messages, and I don't want to read /var/log/messages periodic, how can > I do? > Thanks. Create a logging rule that only shows you the interesting messages. I suppose you know what you can log and what you find interesting. E.g. : if you want to log ssh access (which btw is already logged by ssh), you can use something like : $ipt -A INPUT -m state --state NEW -m limit --limit 1/sec \ -p tcp --dport 22 -j LOG --log-level warn --log-prefix "ipt_ssh: " Gr, Rob
