Iptables Log Maintenance

1. Configure syslogd. In the configuration file /etc/syslog.conf, add the following content:

    # Iptables logging
    kern.debug    /var/log/iptables

2. Rotate the iptables log with logrotate. Check that the logrotate configuration file /etc/logrotate.conf contains the following:

    # see "man logrotate" for details
    # rotate log files weekly
    # keep 4 weeks worth of backlogs
    rotate 4
    # create new (empty) log files after rotating old ones
    create
    # uncomment this if you want your log files compressed
    #compress
    # RPM packages drop log rotation information into this directory
    include /etc/logrotate.d
    # no packages own wtmp -- we'll rotate them here
    /var/log/wtmp {
        monthly
        create 0664 root utmp
        rotate 1
    }
    # system-specific logs may be also be configured here.

Then add the iptables log file /var/log/iptables to the syslog rotation configuration file /etc/logrotate.d/syslog. The details are as follows:

    /var/log/iptables /var/log/messages /var/log/secure /var/log/maillog /var/log/spooler /var/log/boot.log /var/log/cron {
        sharedscripts
        postrotate
            /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
        endscript
    }

Finally, arrange for logrotate to run once a day. Check that the file /etc/cron.daily/logrotate contains the following:

    #!/bin/sh

    /usr/sbin/logrotate /etc/logrotate.conf
    EXITVALUE=$?
    if [ $EXITVALUE != 0 ]; then
        /usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
    fi
    exit 0

The configuration is now complete!
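One way to confirm that both edits are in place, as an added example that is not part of the original page. The function names are assumptions, and the demo runs on constructed copies of the two files rather than the live /etc paths.

```shell
#!/bin/sh
# Added example (not from the original page): check the edits from steps 1 and 2.
# File paths are arguments so the check can be run against copies.

# Print the selector of each active syslog.conf line that writes to log file $2.
syslog_selectors_for() {  # $1 = syslog.conf
    awk -v target="$2" '
        /^[ \t]*#/ || NF < 2 { next }       # skip comments and blank lines
        { t = $NF; sub(/^-/, "", t) }       # a leading "-" only disables sync
        t == target { print $1 }
    ' "$1"
}

# Succeed if log file $2 is named in the header of a stanza in logrotate file $1.
logrotate_covers() {
    awk -v target="$2" '
        /^[ \t]*#/ { next }
        depth == 0 {                        # only stanza headers, not stanza bodies
            line = $0; sub(/[{].*/, "", line)
            n = split(line, path, /[ \t]+/)
            for (i = 1; i <= n; i++) if (path[i] == target) found = 1
        }
        { depth += gsub(/[{]/, "{") - gsub(/[}]/, "}") }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

check_iptables_logging() {  # $1 = syslog.conf, $2 = logrotate.d/syslog, $3 = log file
    log=${3:-/var/log/iptables}; status=0
    case "$(syslog_selectors_for "$1" "$log")" in
        *kern.*) ;;
        *) echo "MISSING: no kern.* selector writes to $log in $1"; status=1 ;;
    esac
    logrotate_covers "$2" "$log" ||
        { echo "MISSING: $log is not in a stanza header of $2"; status=1; }
    return $status
}

# Demo on constructed copies of the two files edited above.
demo() {
    d=$(mktemp -d)
    printf '# Iptables logging\nkern.debug\t/var/log/iptables\n' > "$d/syslog.conf"
    printf '/var/log/iptables /var/log/messages {\n    sharedscripts\n}\n' > "$d/syslog"
    check_iptables_logging "$d/syslog.conf" "$d/syslog" && echo "OK"
    rc=$?; rm -rf "$d"; return $rc
}
demo
```

On a live system, call `check_iptables_logging /etc/syslog.conf /etc/logrotate.d/syslog`; a non-zero exit status means one of the two edits is missing or commented out.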