Hi,
I use personalized ipfilters and I want to log dropped packet to a dedicated
file in /var/log by using syslog.
I've done some part of the configuration but the iptables messages are not
writed in the file I want. They're displayed on console only...
You can see below the command I issue to get this behavior.
#for iptables
#in a user define chain called for each packet i want to filter
iptables -A LOG_AND_DROP -m limit --limit 10/minute -j LOG --log-level info
--log-prefix "[IPTABLES DROP]: "
#my syslog.conf#
auth,authpriv.* /var/log/auth.log
*.*;auth,authpriv.none -/var/log/syslog
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
uucp.* /var/log/uucp.log
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
*.=debug;\
auth,authpriv.none;\
news.none;mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages
*.emerg *
daemon.*;mail.*;\
news.crit;news.err;news.notice;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/xconsole
kern.=info /var/log/firewall
#eof#
The /var/log/kern.log is not populated too ! And, no reference to 'console'
can be seen here.
So, why messages are displayed on console !
Thanks for your help | answers | time :)
--
Guillaume
