> I have the following problem. I have a bunch of linux boxes who act as
> firewalls on different networks, but I have a small problem. The machines
> use syslog to log to a central loghost. This is not a problem, I off course
> just use *.* @loghost in syslog.conf.
>
> However since ipchains uses printk to log, the facility of all messages
> are "kern". I can then catch them in syslog.conf with somthing lige
> kern.* ...... But if you are paranoid enough (and I just might be :-),
> then a lot of messages occur and I would like to redirect these syslog
> messages to "local?.*" instead of "kern.*". Since they fill up logs that
> contain kern information from quite a few hotst and I would like to filter
> out messages from the firewall machines!
>
> Is there any way you can do this in a nice way?
Send kern.info messages to a FIFO, and attach the other end to a
program which sorts them into appropriate files.
-- Glynn Clements <glynn@sensei.co.uk>- To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.rutgers.edu