log file for iptables?

[inetd]

I have created a iptables rule ot do some logging like this:

iptables -A -m limit -j LOG --log-level info --log-prefix "Firewall:"


When some traffic present, the above rule will make a log in /var/log/message.

My question is:

How can I set the logging message being written into another file?


Thanks.

 

[usige]

inetd,
iptables logs through the kernel logging facility. That being the case you can't specify the facility so your messages are logged as kern.info by syslogd. You have a few choices.

1. You could change the log-level to debug and only write kern.debug to a file. No guarantee that you will only get your iptables messages in the file.

2. Use ULOG target and install/configure ulogd. This can be slower than using the kernel logging.

3. Replace standard syslog with syslog-ng. The nicest thing about syslog-ng is you can log to different files based on regular expressions. In your case you could say all messages with 'Firewall:' would be sent to your firewall message log.

Hope this gives you some avanues to pursue.