man tcplog.conf (Formats) - configuration file for tcplog(8).

NAME

tcplog.conf - configuration file for tcplog(8).

SYNOPSIS

/etc/tcplog.conf

DESCRIPTION

The tcplog(8) configuration file is used to specify the level at which connections to given ports should be logged.

Log levels for packets are specified using the `type [level]' rule described below.

A default log level can be specified with the level keyword, which is used for port numbers which have not been explicitly assigned a level in the configuration.

The default syslog facility can be overriden with the facility keyword. configuration.

The `except' keyword can be used to specify a list of hosts from which connections should be ignored.

Lines beginning with `#' (shell-style comments) and blank lines in the configuration file are ignored.

An example configuration is included with the source distribution and is installed by default into /etc/tcplog.conf

KEYWORDS

except [host], [host], [host]
Specify a list of hosts to ignore connection requests from. The list can be comma or whitespace separated, and may contain fragments like `192.168.' and `.foo.com'. If the fragment is numeric, it is compared with the IP of the source host, otherwise the comparison is made with the resolved hostname.
level [level]
Specify the default logging level. The level can be any one of IGNORE, ERR, WARNING, NOTICE, INFO and DEBUG.
facility [facility]
Specify the default logging facility. The facility can be any one of USER, DAEMON and LOCAL0-7.
[service] [level]
This is a generic rule which specifies the level at which connections to a certain port are logged. The service can either be a numeric port number, or a service name (as specified in /etc/services ). The level, as above, is a syslog.h symbolic constant.

SEE ALSO

DISTRIBUTION

jail is distributed under the Artistic License.

AUTHOR

Abhijit Menon-Sen <ams@wiw.org>

$Id: tcplog.conf.5,v 1.7 2001/02/19 10:06:17 ams Exp $