Hi!

On Sun, 27 Nov 2005, Tobias Sager wrote:
> on 2005-11-27 16:09 Abhay Kedia wrote the following:
> > Can someone please give me any links where I can read about how to easily
> > configure syslog-ng.conf and achieve what I desire. If you could give exact
> > entries then I would be more than grateful.
>
> I do iptables with --log-prefix "{fw}"
> and in my syslog-ng.conf
> <snip>
> ...
> </snip>

I use a different approach: I changed my iptables rules to use the ulog (user-space logging) target and I run ulogd.

The main advantage and the reason why I use that is that iptables logging messages tend to clutter up the kernel message log if not treated specially. Also, they can be an annoyance on the console (yes I know about console_loglevel).

Some also use ulog to put their iptables logs into databases which can then be searched in more complex ways than a simple grep would allow.

As usual, YMMV.

Regards,
Tobias

--
export DISPLAY=vt100
--
gentoo-security@gentoo.org mailing list
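
An added illustration of the database point in the message above, not part of the original post and not ulogd's own database output: it loads firewall log lines carrying the "{fw}" prefix into SQLite and asks a question a plain grep cannot answer directly (which sources touched several distinct destination ports). The sample lines, table layout and function names are constructed for this example.

```python
import re
import sqlite3

# Constructed sample lines in the key=value layout iptables logging emits;
# host name, addresses and ports are made up for the example.
SAMPLE = """\
Nov 27 16:09:01 gw {fw} IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=40001 DPT=22 SYN
Nov 27 16:09:02 gw {fw} IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=40002 DPT=23 SYN
Nov 27 16:09:03 gw {fw} IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=40003 DPT=80 SYN
Nov 27 16:09:04 gw {fw} IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=51000 DPT=22 SYN
Nov 27 16:09:09 gw {fw} IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=51001 DPT=22 SYN
Nov 27 16:10:00 gw sshd[411]: unrelated line without the prefix
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")  # KEY=value pairs; value may be empty (OUT=)

def parse(line, prefix="{fw}"):
    """Return a row tuple for a prefixed firewall line, else None."""
    head, sep, rest = line.partition(prefix)
    if not sep:
        return None  # not a firewall entry
    f = dict(FIELD.findall(rest))
    if "SRC" not in f or "DST" not in f:
        return None  # malformed or truncated entry
    port = f.get("DPT")  # absent for protocols without ports, e.g. ICMP
    return (head.strip()[:15], f.get("IN", ""), f["SRC"], f["DST"],
            f.get("PROTO", ""), int(port) if port and port.isdigit() else None)

def load(text):
    """Build an in-memory table from raw log text, skipping unparsable lines."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE fw(ts TEXT, iface TEXT, src TEXT, dst TEXT,"
               " proto TEXT, dpt INTEGER)")
    rows = [r for r in map(parse, text.splitlines()) if r]
    db.executemany("INSERT INTO fw VALUES (?,?,?,?,?,?)", rows)
    return db

def port_sweepers(db, min_ports=3):
    """Sources that touched at least min_ports distinct destination ports."""
    q = """SELECT src, COUNT(DISTINCT dpt) AS ports, COUNT(*) AS hits
           FROM fw WHERE dpt IS NOT NULL
           GROUP BY src HAVING COUNT(DISTINCT dpt) >= ?
           ORDER BY ports DESC"""
    return db.execute(q, (min_ports,)).fetchall()

if __name__ == "__main__":
    for src, ports, hits in port_sweepers(load(SAMPLE)):
        print(f"{src}: {ports} distinct ports in {hits} packets")
```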