at the begin of your automation script
1
2
3
4
| IPTLOGLEVEL=4
iptables -A INPUT -j LOG --log-ip-options --log-prefix='[netfilter] INPUT ' --log-level ${IPTLOGLEVEL}
iptables -A INPUT -j LOG --log-tcp-options --log-prefix='[netfilter] INPUT ' --log-level ${IPTLOGLEVEL}
|
seperating to specific log file
add filter config for rsyslog / syslog
rsyslog filter config
1
| vim /etc/rsyslog/rsyslog.d/01-iptables-specific-filter.log
|
syslog filter config
1
| vim /etc/syslog/syslog.d/01-iptables-specific-filter.log
|
rsyslog and syslog filter option to seperate to specific file
in this option to /var/log/iptables.log
1
2
| :msg,contains,"[netfilter] " -/var/log/iptables.log
& stop
|
restart you log service
1
2
3
| if [ -f "/etc/init.d/rsyslog" ]; then /etc/init.d/rsyslog restart; fi
if [ -f "/etc/init.d/syslog" ]; then /etc/init.d/syslog restart; fi
|