[Shorewall-users] fireparse

Tom Eastep teastep@shorewall.net
Fri, 12 Apr 2002 06:23:40 -0700 (Pacific Daylight Time)


On Fri, 12 Apr 2002, chet wrote:

> Hi All, just a quick one from a newbie
> I have installed fireparse and need to change my syslog.conf so that
> the parser will point to /var/log/messages.fire instead of
> /var/log/messages
>

I guess there's a question there somewhere :) As explained in FAQ #6
(http://www.shorewall.net/FAQ.htm#faq6), NetFilter always uses the 'kern'
facility for logging and YOU get to pick the level. If you have used the
usual level of 'info' then you would add:

kern.info		/var/log/messages.fire

and restart syslogd. Note that ALL kernel info log messages will go to
your firewall log, not just NetFilter messages.

-Tom
--
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net