Network - Iptables & Syslog
Goal: log the messages generated by iptables to /var/log/firewall.
- start logging: iptables -A INPUT -m limit --limit 5/minute --limit-burst 3 -j LOG --log-level notice
This will log all packets (limited to 5 entries per minute) which reach the end of the INPUT chain.
The rule logs at syslog level 5 (kern.notice); the default for the LOG target is 4 (kern.warn).
- edit /etc/syslog.conf:
kern.notice;kern.!warn /var/log/firewall
kern.warn -/var/log/kern.log
(read the first line as: log to /var/log/firewall everything from kern.notice up to kern.warn, but exclude kern.warn
--> that means: log only kern.notice)
- restart syslog (kill -1 PID or /etc/init.d/syslog restart)
works today (03/16/01) with kernel 2.4.20, iptables v1.2.7a, syslog 1.4.1 on Debian-Woody
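
The routing that the two syslog.conf lines above produce, as an added example (not part of the original note): a simplified model of sysklogd selector matching that shows why the LOG rule needs --log-level notice to land in /var/log/firewall. The function names selected and destinations are hypothetical helpers, not part of syslog.

```python
# Added example: simplified model of sysklogd selector matching.
PRI = {"emerg": 0, "alert": 1, "crit": 2, "err": 3,
       "warn": 4, "warning": 4, "notice": 5, "info": 6, "debug": 7}

def selected(selector, facility, priority):
    """True if selector (e.g. 'kern.notice;kern.!warn') picks the message."""
    level, hit = PRI[priority], False
    for term in selector.split(";"):          # terms apply left to right
        facs, _, spec = term.strip().partition(".")
        if facs != "*" and facility not in facs.split(","):
            continue
        if spec == "none":                    # facility.none drops everything
            hit = False
            continue
        negate = spec.startswith("!")
        spec = spec.lstrip("!")
        exact = spec.startswith("=")
        spec = spec.lstrip("=")
        if spec == "*":
            covered = True
        elif exact:                           # '=pri': that priority only
            covered = level == PRI[spec]
        else:                                 # 'pri': that priority and more severe
            covered = level <= PRI[spec]
        if covered:
            hit = not negate                  # '!' removes what it covers
    return hit

# The two rules from the note (the leading '-' on a path only disables sync).
RULES = [("kern.notice;kern.!warn", "/var/log/firewall"),
         ("kern.warn", "/var/log/kern.log")]

def destinations(facility, priority, rules=RULES):
    """Files that would receive a message with this facility and priority."""
    return [path for sel, path in rules if selected(sel, facility, priority)]

if __name__ == "__main__":
    for pri in ("err", "warn", "notice", "info"):
        dest = destinations("kern", pri) or "not logged by these rules"
        print(f"kern.{pri:<7} -> {dest}")
```

A LOG rule left at its default level (kern.warn) would be routed to /var/log/kern.log by these rules, not to /var/log/firewall.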