one more reason to use iptables, you can totally configure what it logs to,
including prepending messages/etc, very nifty. ipchains never had this
feature. Of course you could simply replace syslog with something better on
the Linux machines (several options).
http://www.seifried.org/lasg/
Kurt Seifried, kurt@seifried.org
PGP Key ID: 0xAD56E574 Fingerprint:
A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574
http://www.seifried.org/
----- Original Message -----
From: "Guido Tschakert"
Hello list,
I'm building a firewall-system with cisco-routers and a linux-box. All logging of the machines should be send via syslog to a log-box. For each machine I want a separate logfile. In cisco-ios I can say: logging facility local0 logging log-box, which tells the router to send all logging to log-box using facility local0. And tell the syslog on the log-box: facility local0 should be dumped in /var/log/router1 But I don't see any chance to change the facility of ipchains. It has the facility kern so that the logging of the firewall-linux-box is mixed together with the local logging of the log-box. Is there any change to configure syslog or ipchains to have two separate logfiles for the firewall-box and the log-box on the log-box.
THX Guido -- ----------------- Guido Tschakert SRC, SysAd -----------------
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com