I am trying to get a box running centos 5.6 to log all connections to port 110 and 25 to separate logs in /var/log. I dont want to change any of the current logging already being done. I have found articles like:
which point in the direction of where i want to go(especially #1). I need step - by - step
1. vi /etc/aaa.config
2. add line bla bla bla
3. restart /etc/init.d/bla restart
4. vi iptables
5. add bla bla bla --for logging prot 110 connections to /var/log/110.log
6. add bla bla bla ---for logging port 25 connections to /var/log25.log
there should be some sort of log rotation for this also 7 day rotation.
this is at the bottom of one of the links and i think should work:
Configure iptables Log Rotation
Finally, since we’re logging to a new file, it’s useful to create a log rotation rule. Create a file /etc/logrotate.d/iptables with the following contents:
invoke-rc.d rsyslog reload > /dev/null
The preceding script tells logrotate to rotate the firewall log daily and keep logs from the past seven days.