Setup syslog for firewall log message {Scanned}
SW
wppiphoto at wppi.com
Thu Jan 6 21:04:43 UTC 2005
Hi folks,
I'm trying to keep my /var/log/messages from getting cluttered w/ log
messages from my firewall. So, I'm trying to setup in /etc/syslog.conf a
different log to use for messages from my firewall. But, I can't figure out
what I need to put in /etc/syslog.conf to acomplish this. Can anyone help?
Here is the firewall message which are now populating my /var/log/messages:
Jan 6 15:55:50 209.81.27.2 id=firewall sn=00B19C time="2005-01-06 15:55:57"
fw=209.81.27.2 pri=6 c=1024 m=537 msg="Connection Closed" n=12370
src=209.81.27.2:4657:LAN dst=130.202.101.6:137:WAN proto=udp/netbios-ns
sent=78
I want to move them to /var/log/firewall, so in my /etc/syslog.conf what do
I need to put? I tried the following compinations and nothing worked:
#Firewall messages
firewall.* /var/log/firewall
*.firewall /var/log/firewall
id=firewall.* /var/log/firewall
209.81.27.2.* /var/log/firewall
*.209.81.27.2 /var/log/firewall
Thanks,
SW
-------------------------------------------------
WPPi.com | WPPi.Net
-------------------------------------------------
http://www.wppi.com | http://www.wppi.net
-------------------------------------------------
WPPi.com & WPPi.Net MailScanner Signature
This message has been scanned for viruses
and dangerous content by WPPi MailScanner,
and has been found to be clean.
-------------------------------------------------
More information about the redhat-list
mailing list