-
May 23rd, 2006, 06:36 PM
#11
Thanks for the responses SirDice, and Vorlin
Alright, I understand now that source doesn't work with configuration files.
Ok, the reason why I said what I did what that I used . /etc/sysconfig/Susefirewall2 to read in some changes to my firewall setup without a reboot.
According to this page source can be used to read in commands from a text file. In other words, it need not be a shell script.
So if I understand this correctly, source may be used with regular text files (such as the Susefirewall2 file) but it will only allow you to read in commands from those files. It will not work with reading in to the shell a whole configuration setup.
SirDice, I may be misunderstanding you. Were you saying that source only works with shell scripts?
For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
(Romans 6:23, WEB)
-
May 24th, 2006, 10:15 PM
#12
Junior Member
You can modify your /etc/syslog.conf file to point to the file that you want to use for the iptables logs.
#Log iptables stuff to iptables log
kern.3 /var/log/iptables
/root/iptables, /home/%user%/iptables are other examples.
-
May 25th, 2006, 01:52 AM
#13
Junior Member
i know a little, but i don't know how to express it
i hope u can add my ICQ --220014994
-
May 25th, 2006, 05:18 AM
#14
Junior Member
#Log iptables stuff to iptables log
kern.3 /var/log/iptables
=============================
i did it like just like stlivingston said.
but when i restart syslog, there is still nothing in file iptables. and all the log are still put into /var/log/messages
and to toplanxue: thanks ! i have added ur icq account.
-
May 25th, 2006, 06:17 AM
#15
check the following link i think this is what you need.
http://iptables-tutorial.frozentux.n...html#LOGTARGET
The LOG target is specially designed for logging detailed information about packets. These could, for example, be considered as illegal. Or, logging can be used purely for bug hunting and error finding. The LOG target will return specific information on packets, such as most of the IP headers and other information considered interesting. It does this via the kernel logging facility, normally syslogd. This information may then be read directly with dmesg, or from the syslogd logs, or with other programs or applications. This is an excellent target to use to debug your rule-sets, so that you can see what packets go where and what rules are applied on what packets. Note as well that it could be a really great idea to use the LOG target instead of the DROP target while you are testing a rule you are not 100% sure about on a production firewall, since a syntax error in the rule-sets could otherwise cause severe connectivity problems for your users. Also note that the ULOG target may be interesting if you are using really extensive logging, since the ULOG target has support for direct logging to MySQL databases and suchlike.
Excuse me, is there an airport nearby large enough for a private jet to land?
-
May 25th, 2006, 11:54 PM
#16
Junior Member
What happens if you modify the syslog.conf file with this entry and restart the service?
kern.=debug /var/log/iptables
Let me know if you are having problems with this still.
-
June 18th, 2006, 07:15 AM
#17
Junior Member
Here is what I do to read iptables' log:
first, in the firewall script when i use logging i also use the following directive (or something similar):
LOG --log-prefix "IPTABLES_LOG_xxx " ...
then, i make a file iptables.log.sh, containing the following command:
Code:
cat /var/log/messages* | grep IPTABLES_LOG | sort | less -S -# 1
also, you have to make it executable with:
chmod u+x iptables.log.sh
And that's it. Now when you execute it you have your firewall's log
Linux... because rebooting is for adding new hardware!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|