[TriLUG] iptables logging ! >/dev/console
Glen Ford
gford at idiom.com
Mon Mar 1 15:57:01 EST 2004
Brian A. Henning wrote:
>Hi folks,
> I have my iptables set to log packets that are destined to be dropped,
>with the hope of being able to discover trends in the undesirable stuff
>coming my way and perhaps create more efficient rules to deal with them.
> So here's my issue: iptables uses the syslog logging mechanism, with its
>messages apparently falling under the kern facility. Is there a way to
>configure syslogd to separate out messages from iptables for logging in a
>separate file? Or at least to stop iptables log messages from getting sent
>to the console, but without precluding all other kernel messages from going
>to the console? I can later grep out the iptables messages from
>/var/log/messages with a perl script if necessary.
> My immediate concern is to stop iptables messages from going to the
>console, as they can at times come frequently enough to severely interfere
>with useful console interaction.
>
>Thanks for the help,
>~Brian
>
>
>
try dmesg -n 4
/glen
--
Glen Ford
gford at idiom.com
More information about the TriLUG
mailing list