On Wednesday 12 March 2003 18:51, Dirk Borchers wrote:
Hi to all,
I got the SuSEfirewall2 customized as I desired. But now for the logging: the messages are kept in three files: /var/log/messages /var/log/firewall /var/log/warn
I banned the firewall messages from /var/log/warn in syslogd.conf with *.*;mail.none;news.none;kern.none -/var/log/messages as every kernel message is kept in /var/log/firewall with kern.* -/var/log/firewall
But for /var/log/warn the entries are *.=warn;*.=err -/var/log/warn *.crit /var/log/warn How can I ban the kern.crit messages from this last log? *.crit;kern.!=crit /var/log/warn seems not to work...
The loglevel for firewall is warn not crit Because loglevel warn is also used for many other things I used the loglevel notice to log firewall messages. My setup is different because I wanted the firewall message also in messages but I think the following should work for you. Change the --log-level to notice in the FW_LOG line of firewall2.rc.config file and in syslogd.conf change the line: kern.* -/var/log/firewall to kern.=notice -/var/log/firewall I don't know if it matters but perhaps the above line should be before the line which logs things to /var/log/messages. -- GertJan Email address is invalid, so don't reply directly, I'm on the list.