Gentoo Archives: gentoo-user-cs

From: theruck <theruck@××××××.sk>
To: gentoo-user-cs@l.g.o
Subject: Re: [gentoo-user-cs] Firewall messages
Date: Mon, 06 Nov 2006 14:48:01
Message-Id: 200611061547.30112.theruck@victim.sk
In Reply to: Re: [gentoo-user-cs] Firewall messages by "Vítězslav Kašička"

I found this (but you will probably need to set some log prefix in iptables
for that logging, using the --log-prefix parameter, so that there is something
to distinguish and filter by):

You can use the following entries in your syslog-ng.conf to log firewall messages
to a separate file from the normal kernel output.

# source kernsrc { file("/proc/kmsg"); };
# destination kern { file("/var/log/kern.log"); };
# destination firewall { file("/var/log/firewall.log"); };
# filter f_firewall { match("firewall"); };
# filter f_kern { facility(kern) and not filter(f_firewall);};
# log { source(kernsrc); filter(f_kern); destination(kern); };
# log { source(kernsrc); filter(f_firewall); destination(firewall); };


On Mon 6. November 2006 15:44, Vítězslav Kašička wrote:
> theruck wrote:
> > you have to configure syslog-ng, or whatever you log with, so that it
> > captures this and saves it to a file
> > have a look at /etc/syslog-ng/syslog-ng.conf (if you use it) or
> > http://gentoo-wiki.com/HOWTO_setup_PHP-Syslog-NG
>
> Hello,
> I probably expressed myself badly; those messages are both in the log (the
> messages file) and on the screen. That is why I think syslog-ng is capturing them.
> Anyway, its config file looks like this:
>
>
> # $Header: var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo,v 1.5 2005/05/12 05:46:10 mr_bones_ Exp $
> #
> # Syslog-ng default configuration file for Gentoo Linux
> # contributed by Michael Sterrett
>
> options {
>     chain_hostnames(off);
>     sync(0);
>
>     # The default action of syslog-ng 1.6.0 is to log a STATS line
>     # to the file every 10 minutes. That's pretty ugly after a while.
>     # Change it to every 12 hours so you get a nice daily update of
>     # how many messages syslog-ng missed (0).
>     stats(43200);
> };
>
> source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };
>
> destination messages { file("/var/log/messages"); };
>
> # By default messages are logged to tty12...
> destination console_all { file("/dev/tty12"); };
> # ...if you intend to use /dev/console for programs like xconsole
> # you can comment out the destination line above that references /dev/tty12
> # and uncomment the line below.
> #destination console_all { file("/dev/console"); };
>
> log { source(src); destination(messages); };
> #log { source(src); destination(console_all); };
>
>
> Which, I admit, is the default configuration.

--
gentoo-user-cs@g.o mailing list
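
Added example (not part of the original messages, and not Gentoo's or the syslog-ng project's own configuration): the snippet quoted by theruck merged into the default syslog-ng.conf posted in the reply. It assumes the iptables LOG rules use the constructed prefix "firewall: ", and it reuses the existing src source instead of adding a second reader on /proc/kmsg, because kernel messages are consumed when read and two readers would each see only part of them.

```conf
# Added example. Assumes iptables logs with the constructed prefix "firewall: ", e.g.
#   iptables -A INPUT -j LOG --log-prefix "firewall: "
# The chain is a placeholder; place the LOG rule directly before the rule
# whose drops or rejects you want recorded. --log-prefix takes at most 29 characters.

options {
    chain_hostnames(off);
    sync(0);
    stats(43200);
};

# Single reader for /proc/kmsg, unchanged from the default Gentoo config.
source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };

destination messages { file("/var/log/messages"); };
destination firewall { file("/var/log/firewall.log"); };

# match() is a substring/regex match, so a bare "firewall" would also catch
# any userspace message containing that word. Restricting to facility(kern)
# and matching the full prefix keeps other senders out of firewall.log.
filter f_firewall { facility(kern) and match("firewall: "); };

# Everything that is not a firewall message.
filter f_not_firewall { not filter(f_firewall); };

# Firewall lines go only to firewall.log; all other messages stay in messages.
log { source(src); filter(f_firewall); destination(firewall); };
log { source(src); filter(f_not_firewall); destination(messages); };
```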