Dear All,
Today I am going to post about iptables logs. I was getting iptables logs in /var/log/messages, so it was getting difficult to check the other messages in /var/log/messages, as iptables generates a huge volume of logs.
So I decided to move the iptables log to a different directory. For this we have to make changes in the following configuration file.
1.) /etc/syslog.conf
In the above file append the following line.
kern.warning /home/log/iptables.log
Also, as all the iptables logs were going to /var/log/messages before, we need one more change in the syslog.conf file. Change the line below:
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
to:
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
# kern.none keeps kernel (iptables) messages out of /var/log/messages.
*.info;mail.none;authpriv.none;cron.none;kern.none /var/log/messages
Now just restart the syslogd daemon.
[root@gateway ~]# /etc/init.d/syslog restart
Shutting down kernel logger: [ OK ]
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]
[root@gateway ~]#
You can now see all iptables messages logged to the /home/log/iptables.log file:
[root@gateway ~]# tailf /home/log/iptables.log
Oct 4 00:33:06 gateway last message repeated 2 times
Oct 4 00:33:06 gateway kernel: IN=eth1 OUT=
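How the selector lists above decide where a kernel warning lands, as an added example (not code from the original post). It models only the plain sysklogd selector forms used here (facility.priority, `*` and `none`); the `parse_rule` and `destinations` helpers and the sample configs are constructed for illustration, and the middle config shows that adding kern.warning to the /var/log/messages line excludes nothing.

```python
# Simplified model of sysklogd selector matching (assumption: only the
# "facility.priority", "*" and "none" forms are handled, no "=" or "!").
LEVELS = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
FACILITIES = ["auth", "authpriv", "cron", "daemon", "kern", "lpr", "mail",
              "news", "syslog", "user", "uucp"] + [f"local{i}" for i in range(8)]

def parse_rule(line):
    """Return ({facility: set of logged levels}, destination) for one rule."""
    selectors, dest = line.split()
    mask = {fac: set() for fac in FACILITIES}
    for sel in selectors.split(";"):
        facs, pri = sel.rsplit(".", 1)
        for fac in (FACILITIES if facs == "*" else facs.split(",")):
            if fac not in mask:
                raise ValueError(f"unknown facility: {fac}")
            if pri == "none":
                mask[fac] = set()            # drop this facility entirely
            elif pri == "*":
                mask[fac] = set(LEVELS)
            else:                            # this level and anything more severe
                mask[fac] |= set(LEVELS[:LEVELS.index(pri) + 1])
    return mask, dest

def destinations(config, facility, level):
    """List the files that would receive a message of facility.level."""
    hits = []
    for line in config.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            mask, dest = parse_rule(line)
            if level in mask[facility]:
                hits.append(dest)
    return hits

# Constructed configs built from the lines discussed in this post.
BASE = "*.info;mail.none;authpriv.none;cron.none"
IPT = "kern.warning /home/log/iptables.log"
BEFORE = f"{BASE} /var/log/messages\n{IPT}"
ADDED_WARNING = f"{BASE};kern.warning /var/log/messages\n{IPT}"
AFTER = f"{BASE};kern.none /var/log/messages\n{IPT}"

if __name__ == "__main__":
    for name, cfg in [("before", BEFORE), ("kern.warning added", ADDED_WARNING),
                      ("kern.none added", AFTER)]:
        print(name, "->", destinations(cfg, "kern", "warning"))
    # Side effect of kern.none: kernel messages below warning go nowhere.
    print("kern.info ->", destinations(AFTER, "kern", "info"))
```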
!Enjoy Linux
Kuldeep Sharma