![](https://seccdn.libravatar.org/avatar/147aa1d05eb03646be94e3d3d5485475.jpg?s=120&d=mm&r=g)
Hi Harald, I would like to thank you for comment about the generator fwlogwatch, It may be interesting for my issue. As well, I would like to apologize for sending my question to this list in spanish, I did not know that this list is a only english-spoken list. By the way, It seems that the --log-prefix option in LOG target is a good option to select iptables logs from facility kernel.*, as long as you use a specific enough prefix. Thank you for all Alberto Aliaga Zapata Dpto. de Sistemas CABLE & WIRELESS Delivering the Internet PromiseTM www.cw.com/es Email: alberto.aliaga@cw.com Tel.: +34 93 264 05 34 Fax: +34 93 264 05 39 -----Mensaje original----- De: Harald Nikolisin [mailto:harald.nikolisin@sofistik.de] Enviado el: Tuesday, August 13, 2002 12:10 PM Para: SuSE Security Discussion (E-mail) Asunto: Re: [suse-security] asignar una facility propia al target LOG de iptables hi list, hi alberto because this is a english-spoken list, all people prefer you use rather a bad english (as me) as a perfect spanish. I hope I understand everything. you want to pipe all logged entries from IPTABLES to a specific log-file. you know the switch "-j LOG" and that you are able to filter all kernel related stuff (kern.*) into a special log file (like /var/log/firewall) which is controlled by the syslog.conf but this is not enough for you. I also searched without success for that topic in the excellented firewall/IPTables book from Wolfgang Barth. maybe he is on the list and can give a hint? but a good solution is for me to filter the /var/log/firewall with the generator fwlogwatch (output also in html possible). http://cert.uni-stuttgart.de/projects/fwlogwatch/ the html-output is very useful to get a quick overview. Am Dienstag, 13. August 2002 11:13 schrieb Aliaga, Alberto:
Hola a todos,
Alguien sabe si es posible asignar una nueva facility al syslogd para los registros del target -j LOG de iptables. Sé que se puede añadir un prefijo a la target del iptables y así poder filtrarlos de la facility kernel pero esto no me es suficiente.
Gracias por vuestra ayuda.
Alberto Aliaga Zapata Dpto. de Sistemas
CABLE & WIRELESS Delivering the Internet PromiseTM www.cw.com/es
Email: alberto.aliaga@cw.com Tel.: +34 93 264 05 34 Fax: +34 93 264 05 39
-- Mit freundlichen Grüssen / With kind regards Dipl.-Ing. Harald Nikolisin SOFiSTiK AG (Entwicklung) -- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here