[syslog-ng]Logging to a specific destination

Anoop Rajendra syslog-ng@lists.balabit.hu
Thu, 12 Aug 2004 13:33:38 -0500


I need to log all messages from iptables, ipmasq to a particular file
(say iptables.log) and to that only and nothing else. Is there a way to
specifically define this, ie say that messages from this daemon should
go nowhere else? i've tried - 

# IPMasq Messages
destination ipmasq { file("/var/log/iptables.log" owner("root") group("adm") perm(0640)); };

filter f_iptables( match("iptables"); );
filter fn_iptables( not match("iptables"); );

log { source(src); filter(f_authpriv); filter(fn_iptab); destination(authlog); };
log { source(src); filter(f_syslog);  filter(fn_iptab);  destination(syslog); };
log { source(src); filter(f_daemon);  filter(fn_iptab); destination(daemon); };
log { source(src); filter(f_kern);  filter(fn_iptab); destination(kern); };
log { source(src); filter(f_lpr);  filter(fn_iptab); destination(lpr); };
log { source(src); filter(f_mail);  filter(fn_iptab); destination(mail); };
log { source(src); filter(f_user);  filter(fn_iptab); destination(user); };
log { source(src); filter(f_uucp); filter(fn_iptab);  destination(uucp); };

log { source(src); filter(f_iptab); destination(ipmasq); };

Yet all the IPMasq messages are passed top both iptables.log and /var/log/messages.

All IPMasq messages are prefixed with the string "iptables" using --log-prefix iptables

What am I doing wrong?


Thanks,
Anoop ///
________________________________________________
Everybody has something to conceal. -- Humphrey Bogart