asignar una facility propia al target LOG de iptables - openSUSE Security - openSUSE Mailing Lists

newer
RE: [suse-security] asignar una...

asignar una facility propia al target LOG de iptables

older
PAM and Samba

Aliaga, Alberto

13 Aug 2002 13 Aug '02

09:13

Hola a todos, Alguien sabe si es posible asignar una nueva facility al syslogd para los registros del target -j LOG de iptables. Sé que se puede añadir un prefijo a la target del iptables y así poder filtrarlos de la facility kernel pero esto no me es suficiente. Gracias por vuestra ayuda. Alberto Aliaga Zapata Dpto. de Sistemas CABLE & WIRELESS Delivering the Internet PromiseTM www.cw.com/es Email: alberto.aliaga@cw.com Tel.: +34 93 264 05 34 Fax: +34 93 264 05 39

Reply

Sign in to reply online Use email software

Show replies by date

Lars Ellenberg

13 Aug 13 Aug

10:03

New subject: [suse-security] asignar una facility propia al target LOG de iptables

On Tue, Aug 13, 2002 at 11:13:45AM +0200, Aliaga, Alberto wrote:

Hola a todos, Hi there, This is an english list. [translating] Does anybody know whether it is possible to assign an other syslog facility for logging target of iptables.

If a am correct, this is not possible without some source code hacks, since the logging is done in the kernel module by printk's. you can only change the priority. you could assign a seldom used kernel priority and redirect only that priority to an other file in syslog.conf like kern.<iptables log priority> /var/log/iptables.log or you can hack the module to use the syslog facility, which to me does not seem useful, if doable... just use a filter for the kernel log.

Gracias por vuestra ayuda. de nada.

Lars-Gunnar

Reply

Sign in to reply online Use email software

Harald Nikolisin

10:10

New subject: [suse-security] asignar una facility propia al target LOG de iptables

hi list, hi alberto because this is a english-spoken list, all people prefer you use rather a bad english (as me) as a perfect spanish. I hope I understand everything. you want to pipe all logged entries from IPTABLES to a specific log-file. you know the switch "-j LOG" and that you are able to filter all kernel related stuff (kern.*) into a special log file (like /var/log/firewall) which is controlled by the syslog.conf but this is not enough for you. I also searched without success for that topic in the excellented firewall/IPTables book from Wolfgang Barth. maybe he is on the list and can give a hint? but a good solution is for me to filter the /var/log/firewall with the generator fwlogwatch (output also in html possible). http://cert.uni-stuttgart.de/projects/fwlogwatch/ the html-output is very useful to get a quick overview. Am Dienstag, 13. August 2002 11:13 schrieb Aliaga, Alberto:

Hola a todos,

Alguien sabe si es posible asignar una nueva facility al syslogd para los registros del target -j LOG de iptables. Sé que se puede añadir un prefijo a la target del iptables y así poder filtrarlos de la facility kernel pero esto no me es suficiente.

Gracias por vuestra ayuda.

Alberto Aliaga Zapata Dpto. de Sistemas

CABLE & WIRELESS Delivering the Internet PromiseTM www.cw.com/es

Email: alberto.aliaga@cw.com Tel.: +34 93 264 05 34 Fax: +34 93 264 05 39

-- Mit freundlichen Grüssen / With kind regards Dipl.-Ing. Harald Nikolisin SOFiSTiK AG (Entwicklung)

Reply

Sign in to reply online Use email software

7938

Age (days ago)

7938

Last active (days ago)

Download

2 comments

3 participants

tags

participants (3)

Aliaga, Alberto
Harald Nikolisin
Lars Ellenberg