[syslog-ng]Logging to a specific destination
Anoop Rajendra
syslog-ng@lists.balabit.hu
Thu, 12 Aug 2004 13:33:38 -0500
I need to log all messages from iptables, ipmasq to a particular file
(say iptables.log) and to that only and nothing else. Is there a way to
specifically define this, ie say that messages from this daemon should
go nowhere else? i've tried -
# IPMasq Messages
destination ipmasq { file("/var/log/iptables.log" owner("root") group("adm") perm(0640)); };
filter f_iptables( match("iptables"); );
filter fn_iptables( not match("iptables"); );
log { source(src); filter(f_authpriv); filter(fn_iptab); destination(authlog); };
log { source(src); filter(f_syslog); filter(fn_iptab); destination(syslog); };
log { source(src); filter(f_daemon); filter(fn_iptab); destination(daemon); };
log { source(src); filter(f_kern); filter(fn_iptab); destination(kern); };
log { source(src); filter(f_lpr); filter(fn_iptab); destination(lpr); };
log { source(src); filter(f_mail); filter(fn_iptab); destination(mail); };
log { source(src); filter(f_user); filter(fn_iptab); destination(user); };
log { source(src); filter(f_uucp); filter(fn_iptab); destination(uucp); };
log { source(src); filter(f_iptab); destination(ipmasq); };
Yet all the IPMasq messages are passed top both iptables.log and /var/log/messages.
All IPMasq messages are prefixed with the string "iptables" using --log-prefix iptables
What am I doing wrong?
Thanks,
Anoop ///
________________________________________________
Everybody has something to conceal. -- Humphrey Bogart