Hi!

On Sun, 27 Nov 2005, Tobias Sager wrote:
> on 2005-11-27 16:09 Abhay Kedia wrote the following:
> > Can someone please give me any links where I can read about how to easily
> > configure syslog-ng.conf and achieve what I desire. If you could give exact
> > entries then I would be more than grateful.
>
> I do iptables with --log-prefix "{fw}"
> and in my syslog-ng.conf
> <snip>
> ...
> </snip>
|
I use a different approach: I changed my iptables rules to use
the ulog (user-space logging) target and I run ulogd.

The main advantage and the reason why I use that is that iptables
logging messages tend to clutter up the kernel message log if not
treated specially. Also, they can be an annoyance on the console
(yes I know about console_loglevel).

Some also use ulog to put their iptables logs into databases
which can then be searched in more complex ways than a simple
grep would allow.

As usual, YMMV.
|
Regards, Tobias

--
export DISPLAY=vt100
--
gentoo-security@g.o mailing list