[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: ipchains logging

From: Lee Howard <faxguy deanox com>
To: guinness-list redhat com
Subject: Re: ipchains logging
Date: Tue, 03 Oct 2000 21:22:01 -0600

>> if I do this:
>> 
>> ipchains -A forward -s 192.168.1.0/24 -j MASQ -l
>> 
>> then where does that '-l' logging information go to?

>It will go to syslogd, with a setting of kern and info.  If you put in a
>log entry like this:
>kern.=info                                         /var/log/ipchains       
>it will put these messages in a file called ipchains.  You will probably
>find the messages in /var/log/messages now.  They will still be put in
>there with the new entry in /etc/syslog.conf, unless you make more
>modifications to the config file.

Excellent help.  I'm a bit concerned, though, because the amount of
information is a little too much.  After one day:

-rw-r--r--   1 root     root     19928490 Oct  3 20:16 ipchains

I've got a 19M file, which will be *too* big by the time it gets flushed by
cron (if cron will flush this as-is, without me adding anything more).

I don't suppose that there's any way I can get less information from the
ipchains logging, is there?  (Considering the nature of packet forwarding,
I doubt that it's even a realistic option.)

Thanks.

Lee Howard

Follow-Ups:
- Re: ipchains logging
  - From: "Mikkel L. Ellertson" <mikkel@Infinity-ltd.com>
- Re: ipchains logging
  - From: Kevin Smith <kevin.smith@econception.com>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index] []