@@ -0,0 +1,30 @@
+if ($syslogfacility-text == 'kern') and \\
+($msg contains ' iptables ') \\
+then -/var/log/iptables/all.log
+# & ~
+
+if ($syslogfacility-text == 'kern') and \\
+($msg contains ' iptables dropped') \\
+then -/var/log/iptables/drop.log
+# & ~
+
+if ($syslogfacility-text == 'kern') and \\
+($msg contains ' iptables rejected') \\
+then -/var/log/iptables/reject.log
+# & ~
+
+if ($syslogfacility-text == 'kern') and \\
+($msg contains ' iptables ' and $msg contains ' DHCP') \\
+then -/var/log/iptables/dhcp.log
+# & ~
+
+iptables allowed DHCP
+if ($syslogfacility-text == 'kern') and \\
+($msg contains ' iptables dropped' or $msg contains ' iptables rejected') \\
+then -/var/log/iptables/troubleshooot.log
+# & ~
+
+if ($syslogfacility-text == 'kern') and \\
+($msg contains ' iptables clutter') \\
+then -/var/log/iptables/clutter.log
+# & ~
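Review bot: The bare line `iptables allowed DHCP` between the DHCP rule and the troubleshooting rule is neither a comment nor a valid rsyslog statement, so rsyslog will likely report a syntax error there when it loads this file; if it is meant as a sample of the log prefix it should read `# iptables allowed DHCP`. The target `troubleshooot.log` is spelled with three o's, so any rotation or monitoring configured for `troubleshoot.log` would miss it. With every `# & ~` discard commented out, each matching kernel message is written to all.log as well as its specific file and still falls through to whatever default kern rules follow; since these files grow with network traffic, they need rotation (and ideally rate-limited LOG rules) so a flood cannot fill /var/log, and if the discard is re-enabled `& stop` is the current spelling of `& ~`. The doubled `\\` at the line ends may be a rendering artefact, but the file itself should use a single `\` for continuation.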