Gentoo Archives: gentoo-user-cs

From: theruck <theruck@××××××.sk>
To: gentoo-user-cs@l.g.o
Subject: Re: [gentoo-user-cs] Firewall messages
Date: Mon, 06 Nov 2006 14:48:01
Message-Id: 200611061547.30112.theruck@victim.sk
In Reply to: Re: [gentoo-user-cs] Firewall messages by "Vítězslav Kašička"
I found this (though you will probably need to set some log prefix in iptables
for that logging, using the --log-prefix parameter, so that there is something
to distinguish and filter by):

You can use the following entries in your syslog-ng.conf to log firewall messages
to a separate file from the normal kernel output.

# source kernsrc { file("/proc/kmsg"); };
# destination kern { file("/var/log/kern.log"); };
# destination firewall { file("/var/log/firewall.log"); };
# filter f_firewall { match("firewall"); };
# filter f_kern { facility(kern) and not filter(f_firewall);};
# log { source(kernsrc); filter(f_kern); destination(kern); };
# log { source(kernsrc); filter(f_firewall); destination(firewall); };


On Mon 6. November 2006 15:44, Vítězslav Kašička wrote:
> theruck wrote:
> > you have to set up syslog-ng, or whatever you log with, so that it
> > captures this and saves it to a file
> > have a look at /etc/syslog-ng/syslog-ng.conf (if you use it) or
> > http://gentoo-wiki.com/HOWTO_setup_PHP-Syslog-NG
>
> Hello,
> I probably expressed myself badly: those messages are both in the log (the
> messages file) and on the screen. That is why I think syslog-ng is capturing
> them. Anyway, its config file looks like this:
>
>
> # $Header: var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo,v 1.5 2005/05/12 05:46:10 mr_bones_ Exp $
> #
> # Syslog-ng default configuration file for Gentoo Linux
> # contributed by Michael Sterrett
>
> options {
>         chain_hostnames(off);
>         sync(0);
>
>         # The default action of syslog-ng 1.6.0 is to log a STATS line
>         # to the file every 10 minutes.  That's pretty ugly after a while.
>         # Change it to every 12 hours so you get a nice daily update of
>         # how many messages syslog-ng missed (0).
>         stats(43200);
> };
>
> source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };
>
> destination messages { file("/var/log/messages"); };
>
> # By default messages are logged to tty12...
> destination console_all { file("/dev/tty12"); };
> # ...if you intend to use /dev/console for programs like xconsole
> # you can comment out the destination line above that references /dev/tty12
> # and uncomment the line below.
> #destination console_all { file("/dev/console"); };
>
> log { source(src); destination(messages); };
> #log { source(src); destination(console_all); };
>
>
> Which, I admit, is the default configuration.
-- gentoo-user-cs@g.o mailing list
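
One way to combine the suggestion above with the default Gentoo configuration quoted in the thread, as an added example that is not part of the original messages: it reuses the existing source `src`, which already reads /proc/kmsg, instead of opening that file a second time. The prefix `FW-IN: ` and the rule shown in the comment are constructed values.

```conf
# Added example; the prefix "FW-IN: " is an assumption, not from the thread.
# The matching iptables rule would be created with, for example:
#   iptables -A INPUT -j LOG --log-prefix "FW-IN: "
# iptables limits the prefix to 29 characters, so keep it short and distinctive.

# Existing source from the default Gentoo syslog-ng.conf (unchanged).
source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };

destination messages { file("/var/log/messages"); };
destination firewall { file("/var/log/firewall.log"); };

# Only kernel-facility messages that carry the prefix count as firewall
# output. Matching on the full prefix (with its colon and space) avoids
# catching unrelated messages that merely contain the word "firewall".
filter f_firewall { facility(kern) and match("FW-IN: "); };

# This statement must come before the catch-all one below: flags(final)
# ends processing for matched messages, so they are written to
# firewall.log and do not also land in /var/log/messages.
log { source(src); filter(f_firewall); destination(firewall); flags(final); };

# Everything else keeps going to the normal log.
log { source(src); destination(messages); };
```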