assigning a dedicated facility to the iptables LOG target
Hello everyone,
Does anyone know whether it is possible to assign a new syslogd facility to the log entries of the iptables -j LOG target? I know that a prefix can be added to the iptables target, which makes it possible to filter them out of the kernel facility, but this is not enough for me.
Thank you for your help.
Alberto Aliaga Zapata Systems Dept.
CABLE & WIRELESS Delivering the Internet PromiseTM www.cw.com/es
Email: alberto.aliaga@cw.com Tel.: +34 93 264 05 34 Fax: +34 93 264 05 39
On Tue, Aug 13, 2002 at 11:13:45AM +0200, Aliaga, Alberto wrote:
> Hello everyone,
Hi there,
This is an English list. [translating] Does anybody know whether it is possible to assign another syslog facility for the logging target of iptables?
If I am correct, this is not possible without some source code hacks, since the logging is done in the kernel module by printk's. You can only change the priority. You could assign a seldom-used kernel priority and redirect only that priority to another file in syslog.conf, like
kern.<iptables log priority> /var/log/iptables.log
or you can hack the module to use the syslog facility, which to me does not seem useful, if doable... Just use a filter for the kernel log.
> Thank you for your help.
You're welcome.
Lars-Gunnar
Hi list, hi Alberto,
Because this is an English-speaking list, all people prefer that you use rather bad English (like me) than perfect Spanish. I hope I understand everything. You want to pipe all logged entries from IPTABLES to a specific log file. You know the switch "-j LOG" and that you are able to filter all kernel-related stuff (kern.*) into a special log file (like /var/log/firewall) which is controlled by the syslog.conf, but this is not enough for you. I also searched without success for that topic in the excellent firewall/IPTables book from Wolfgang Barth. Maybe he is on the list and can give a hint? But a good solution for me is to filter the /var/log/firewall with the generator fwlogwatch (output also possible in HTML). http://cert.uni-stuttgart.de/projects/fwlogwatch/ The HTML output is very useful to get a quick overview.
On Tuesday, 13 August 2002 11:13, Aliaga, Alberto wrote:
> Hello everyone,
> Does anyone know whether it is possible to assign a new syslogd facility to the log entries of the iptables -j LOG target? I know that a prefix can be added to the iptables target, which makes it possible to filter them out of the kernel facility, but this is not enough for me.
> Thank you for your help.
> Alberto Aliaga Zapata Systems Dept.
> CABLE & WIRELESS Delivering the Internet PromiseTM www.cw.com/es
> Email: alberto.aliaga@cw.com Tel.: +34 93 264 05 34 Fax: +34 93 264 05 39
--
With kind regards
Dipl.-Ing. Harald Nikolisin
SOFiSTiK AG (Development)
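Both replies end up recommending a filter over the kernel log; the following is an added example of such a filter, not code from any post in this thread. The prefix `IPT-DROP: `, the rule shown in the comment and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: pick iptables LOG entries out of the kernel facility by
# their prefix and count them per source, protocol and destination port.
# Assumed rule that produced them (not from the thread):
#   iptables -A INPUT -j LOG --log-prefix "IPT-DROP: "

PREFIX="IPT-DROP: "   # assumption: must match the rule's --log-prefix exactly

# Constructed sample of a mixed log file (documentation addresses only).
sample_log() {
cat <<'EOF'
Aug 13 11:20:01 fw kernel: IPT-DROP: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=40000 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Aug 13 11:20:02 fw kernel: eth0: link up, 100Mbps, full-duplex
Aug 13 11:20:03 fw kernel: IPT-DROP: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP SPT=40001 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Aug 13 11:20:04 fw myapp[812]: user agent contained IPT-DROP: SRC=198.51.100.99 PROTO=TCP DPT=80
Aug 13 11:20:05 fw kernel: IPT-DROP: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
EOF
}

# Reads syslog lines on stdin, prints "count src proto dport", busiest first.
# Assumes the traditional layout "Mon DD HH:MM:SS host tag: message", so the
# tag is field 5. Requiring tag == "kernel:" keeps a userspace daemon that
# merely logs the prefix text from being counted as a firewall hit.
summarise_iptables_log() {
    awk -v prefix="$PREFIX" '
        $5 == "kernel:" && index($0, prefix) {
            src = proto = dpt = "-"          # "-" when a field is absent (ICMP has no DPT)
            for (i = 6; i <= NF; i++) {
                if      ($i ~ /^SRC=/)   src   = substr($i, 5)
                else if ($i ~ /^PROTO=/) proto = substr($i, 7)
                else if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
            }
            count[src " " proto " " dpt]++
        }
        END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2,2
}

sample_log | summarise_iptables_log
```

On a real system the function would read the file that receives the kernel facility, for example `summarise_iptables_log < /var/log/firewall`.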
participants (3)
- Aliaga, Alberto
- Harald Nikolisin
- Lars Ellenberg