NAME
tcplog.conf − configuration file for tcplog(8).
SYNOPSIS
/etc/tcplog.conf
DESCRIPTION
The tcplog(8) configuration file is used to specify the level at which connections to given ports should be logged.
Log levels for packets are specified using the ’type [level]’ rule described below.
A default log level can be specified with the level keyword, which is used for port numbers which have not been explicitly assigned a level in the configuration.
The default syslog facility can be overriden with the facility keyword. configuration.
The ’except’ keyword can be used to specify a list of hosts from which connections should be ignored.
Lines beginning with ’#’ (shell-style comments) and blank lines in the configuration file are ignored.
An example configuration is included with the source distribution and is installed by default into /etc/tcplog.conf
KEYWORDS
except [host], [host], [host]
Specify a list of hosts to ignore connection requests from. The list can be comma or whitespace separated, and may contain fragments like ’192.168.’ and ’.foo.com’. If the fragment is numeric, it is compared with the IP of the source host, otherwise the comparison is made with the resolved hostname.
level [level]
Specify the default logging level. The level can be any one of IGNORE, ERR, WARNING, NOTICE, INFO and DEBUG.
facility [facility]
Specify the default logging facility. The facility can be any one of USER, DAEMON and LOCAL0-7.
[service] [level]
This is a generic rule which specifies the level at which connections to a certain port are logged. The service can either be a numeric port number, or a service name (as specified in /etc/services ). The level, as above, is a syslog.h symbolic constant.
SEE ALSO
tcplog(8), icmplog(8), icmplog.conf(5), syslogd(8)
DISTRIBUTION
jail is distributed under the Artistic License.
AUTHOR
Abhijit Menon-Sen <ams [AT] wiw.org>
$Id: tcplog.conf.5,v 1.7 2001/02/19 10:06:17 ams Exp $