Dear All,
Today I am going to post about iptables logs. iptables messages were being written to /var/log/messages, and because iptables generates a huge volume of log entries, it was getting difficult to check the other messages in that file.
So I decided to move the iptables log to a different directory. This requires changes to the following configuration file.
1.) /etc/syslog.conf
Append the following line to the above file.
kern.warning /home/log/iptables.log
Since all iptables messages were previously going to /var/log/messages, one more change to syslog.conf is needed. Change the line below...
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
to:
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
# kern.!warning keeps kernel messages of level warning and above out of this file.
*.info;mail.none;authpriv.none;cron.none;kern.!warning /var/log/messages
Now just restart the syslogd daemon.
[root@gateway ~]# /etc/init.d/syslog restart
Shutting down kernel logger: [ OK ]
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]
[root@gateway ~]#
You can now see all iptables messages logged to the /home/log/iptables.log file:
[root@gateway ~]# tailf /home/log/iptables.log
Oct 4 00:33:06 gateway last message repeated 2 times
Oct 4 00:33:06 gateway kernel: IN=eth1 OUT=
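The selector change in /etc/syslog.conf is the step that decides whether the messages really leave /var/log/messages, so here is an added example (not part of the original post) that models how a `;`-separated selector list is evaluated under the rules in syslog.conf(5) for sysklogd. It compares ways of extending the stock /var/log/messages line for kernel messages at warning level, which is the default level of iptables LOG rules. The function names are hypothetical and priority aliases such as `warn` are left out.

```python
# Added example: simplified model of syslog.conf(5) selector evaluation (sysklogd).
# Function names are hypothetical; priority aliases (warn, error, panic) are omitted.
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp"] + [f"local{i}" for i in range(8)]
ALL = (1 << len(PRIORITIES)) - 1
BASE = "*.info;mail.none;authpriv.none;cron.none"   # stock /var/log/messages selectors


def build_masks(selectors):
    """Return {facility: priority bitmask} for one ';'-separated selector list."""
    masks = dict.fromkeys(FACILITIES, 0)
    for selector in selectors.split(";"):
        facs, _, pri = selector.strip().rpartition(".")
        negate = pri.startswith("!")
        pri = pri.lstrip("!")
        exact = pri.startswith("=")
        pri = pri.lstrip("=")
        if pri == "none":                    # "none" clears the facility
            bits, negate = ALL, not negate
        elif pri == "*":
            bits = ALL
        else:
            n = PRIORITIES.index(pri)        # emerg=0 ... debug=7
            bits = 1 << n if exact else (1 << (n + 1)) - 1   # this level and higher
        for fac in (FACILITIES if facs == "*" else facs.split(",")):
            if fac not in masks:             # e.g. "kernel" instead of "kern"
                raise ValueError(f"unknown facility name {fac!r}")
            # Selectors apply left to right; later ones override earlier ones.
            masks[fac] = masks[fac] & ~bits if negate else masks[fac] | bits
    return masks


def logged(selectors, facility, priority):
    """True if a message with this facility and priority matches the list."""
    return bool((build_masks(selectors)[facility] >> PRIORITIES.index(priority)) & 1)


if __name__ == "__main__":
    for extra in ("", ";kern.warning", ";kern.none", ";kern.!warning"):
        row = {p: logged(BASE + extra, "kern", p) for p in ("err", "warning", "notice")}
        print(f"{BASE + extra:55} {row}")
```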
!Enjoy Linux
Kuldeep Sharma
You have a very nice blog. Just needed your help.
I have a Java process running on CentOS. The max memory for this Java process is 1536.
When I run top to see the virtual memory usage for that Java process it is almost 2500m.
Can you explain why?
I've tried this on my setup and it worked smoothly, especially useful when managing rules via proton ge where logs can pile up quickly.