I've got a project I'm working on for firewalld, and that list seems to
have disappeared from mailman so I thought I would ask here.
My immediate query is the logging options for direct rules, as well as
firewalld specific logging. I know direct rules are out of the scope of
firewalld, as they are true iptables rules applied directly to
netfilter. When you specify logging of packets in the direct rules, the
logs get reported as kernel messages through journald. Is there any way
to configure IPtables to write to a different log file, or is it this
way due to the way netfilter is integrated with the kernel?
I've found ways to do it by specifying log levels as part of the
argument, and using rsyslog or syslog-ng to filter out the level you
specify into a different log, but I've not been able to discern a
corresponding process for journald.
As for firewalld itself, I hope my project will eventually meet the
quality needed to submit to Thomas for including it. Can firewalld
provide more granular logging? I know it reports to journald as a unit
you can filter on, which may end up being the best answer, but I was
wondering if there was any facility provided to write to a log file or pipe.
Systems Engineer at Large
Fedora KDE WG | Fedora QA Team | Fedora Server SIG
Fedora Infrastructure Apprentice
FAS: dmossor IRC: danofsatx
San Antonio, Texas, USA
Show replies by date