internal();
};
-# uncomment the line below if you want to setup syslog server
-#source s_net { udp(); };
+# uncomment the line below and change ip/port if you want to run syslog server
+#source s_net udp(ip(192.168.1.100),port(514));
#destination d_loghost { udp("loghost" port(514)); };
destination d_postgres { file("/var/log/pgsql"); };
destination d_freshclam { file("/var/log/freshclam.log"); };
-# Log iptables messages to separate file
-destination d_iptables { file("/var/log/iptables"); };
+destination d_shorewall { file("/var/log/shorewall"); };
destination d_console { usertty("root"); };
#destination d_console_all { file("/dev/tty12"); };
destination d_newserr { file("/var/log/news/news.err" owner(news) group(news)); };
destination d_newsnotice { file("/var/log/news/news.notice" owner(news) group(news)); };
+# uncomment the line below if you want to run syslog server
+#destination d_from_net { file("/var/log/$HOST.log" owner(root) group(root) perm(0644) dir_perm(0700) create_dirs(yes)); };
+
# Filters for standard syslog(3) facilities
#filter f_audit { facility(audit); };
filter f_authpriv { facility(authpriv, auth); };
filter f_freshclam { program(freshclam); };
filter f_ppp { program(pppd) or program(chat); };
filter f_postgres { program(postgres); };
-filter f_iptables { match("IN=[A-Za-z0-9\.]* OUT=[A-Za-z0-9\.]*" value("MESSAGE")); };
+filter f_shorewall { facility(kern) and match("Shorewall:" value("MESSAGE")); };
+
+# uncomment the line below if you want to run syslog server
+#log { source(s_net); destination(d_from_net); flags(final); };
+
+# log shorewall to separate log file by default
+log { source(s_src); filter(f_shorewall); destination(d_shorewall); flags(final); };
log { source(s_sys); filter(f_authpriv); destination(d_authlog); };
log { source(s_sys); filter(f_cron); destination(d_cron); };
log { source(s_sys); filter(f_daemon); filter(f_ppp); destination(d_ppp); };
log { source(s_sys); filter(f_local6); filter(f_freshclam); destination(d_freshclam); };
log { source(s_sys); filter(f_local0); filter(f_postgres); destination(d_postgres); };
-#log { source(s_sys); filter(f_iptables); destination(d_iptables); };
log { source(s_sys); filter(p_emergency); destination(d_console); };
#log { source(s_sys); destination(d_console_all); };
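Review bot: The commented `d_from_net` example creates remote-host logs directly under /var/log with `perm(0644)`, which is world-readable and weaker than the `640 root:logs` mode this package gives every other log; `perm(0640)` would match. Its path is built from `$HOST`, and for UDP input that value is only as trustworthy as the `keep_hostname()`/`use_dns()` settings, which are outside this hunk, so the comment should say so. The new `s_net` example also lost its braces and would likely fail to parse once uncommented; `#source s_net { udp(ip(192.168.1.100) port(514)); };` keeps the form of the line it replaces. The active shorewall rule reads from `source(s_src)` while every other log statement visible here uses `s_sys`; unless `s_src` is defined in the part of the file not shown, `source(s_sys)` looks like the intended name.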
cp -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/syslog-ng/syslog-ng.conf
cp -p %{SOURCE3} $RPM_BUILD_ROOT/etc/logrotate.d/syslog-ng
-for n in cron daemon debug iptables kernel lpr maillog messages secure spooler syslog user xferlog; do
+for n in cron daemon debug kernel lpr maillog messages secure shorewall spooler syslog user xferlog; do
> $RPM_BUILD_ROOT/var/log/$n
done
touch $RPM_BUILD_ROOT/etc/sysconfig/%{name}
%attr(640,root,logs) %ghost /var/log/cron
%attr(640,root,logs) %ghost /var/log/daemon
%attr(640,root,logs) %ghost /var/log/debug
-%attr(640,root,logs) %ghost /var/log/iptables
%attr(640,root,logs) %ghost /var/log/kernel
%attr(640,root,logs) %ghost /var/log/lpr
%attr(640,root,logs) %ghost /var/log/maillog
%attr(640,root,logs) %ghost /var/log/messages
%attr(640,root,logs) %ghost /var/log/secure
+%attr(640,root,logs) %ghost /var/log/shorewall
%attr(640,root,logs) %ghost /var/log/spooler
%attr(640,root,logs) %ghost /var/log/syslog
%attr(640,root,logs) %ghost /var/log/user