Valid Facilities and Severities
The define logging facilities are:
Though not specifically a network service, the system-logging facility (rsysklogd package) logs information and error messages from most of the network services (and other services) on your computer.
The system-logging daemon (/sbin/rsyslogd) should be running at all times. The rsyslogd daemon is, by default, started at all multiuser run levels (2, 3, 4, and 5). You can change what messages are logged or have logging messages directed to different files by reconfiguring the /etc/rsyslog.conf file.
You can change options used by the rsyslogd daemon by editing the /etc/sysconfig/rsyslog file.
Red Hat Reference
CAUTION: If, when installing Windows or Fedora, you find that the other operating system is no longer
available on your boot screen, do not panic and do not immediately reinstall. You can usually recover from the problem by booting the live CD that comes with this book,
and then using the grub-install command to reinsert the proper master boot record. Refer to the “Using the GRUB boot loader” section later in this chapter. If you are uncomfortable working in emergency mode, seek out an expert to help you.
CAUTION: Remember that any partition commands can easily erase your disk or make it inaccessible.
Back up critical data before using any tool to change partitions! Then be very careful about the changes you do make.
Keeping an emergency boot disk handy is a good idea, too.
The severity levels in order of most important to least are:
You must combine exactly one facility and one severity to create a selector.
Using logging with iptables
Using the LOG target you can log information about packets that meet the criteria you choose.
In particular you might want to use this feature to log packets that seem like they might be improper in some way. In other words, if you do not want to drop a packet for some reason, you can just log its activity and decide later
if something needs to be corrected. The LOG target directs log information to the standard tools used to do logging in Fedora: dmesg and rsyslogd. Here’s an example of a rule using a LOG target:
-A FORWARD -p tcp -j LOG --log-level info
Instead of info, you could use any of the following log levels available with rsyslog:
emerg, alert, crit, err, warning, notice, info, or debug. Using the --logprefix
option as follows, you could also add information to the front of all messages produced from this logging action:
-A FORWARD -p tcp -j LOG --log-level info --log-prefix "Forward INFO "