Just FYI.. Did this and it worked for me.. Had to make a few tweaks  
because I use FreeBSD for my syslog server and not linux.

Juerg, Your "Otherwise" entry. shouldn't that last destination in  
there be m0n0sys?

-Ron
--
Ron Rosson
ron at oneinsane dot net
http://www.oneinsane.net

On Jun 27, 2005, at 8:03 AM, Juerg Schneider wrote:

> Am Samstag, 25. Juni 2005 00.25 schrieb Devin Henderson:
>
>> I have setup m0n0wall to send logs to my web server. However, the
>> log is saved to my /var/log/messages file. How can I setup my
>> syslog server to write the m0n0wall logs to a seperate file, say
>> /var/log/router.log? I assume I can do this in /etc/syslog.conf on
>> my syslog server but I'm not sure how.
>>
>
> Take syslog-ng not syslog. From my /etc/syslog-ng/syslog-ng.conf:
>
> source remote {  udp(); };
> source src { unix-dgram("/dev/log"); internal(); };
>
> # In one line:
> destination m0n0wall { file("/var/log/m0n0wall/m0n0wall.log" \
>     owner("root") group("adm") perm(0640)); };
> destination m0n0sys { file("/var/log/m0n0wall/syslog.log" \
>     owner("root") group("adm") perm(0640)); };
>
> filter f_m0n0wall   { match("ipmon"); };
> filter f_not_m0n0   { not match("ipmon"); };
>
> log { source(remote); filter(f_m0n0wall); destination(m0n0wall); };
> log { source(remote); filter(f_not_m0n0); destination(m0n0sys); };
>
> Any catch all destination uses only:
> log { source(src); filter(f_messages); destination(messages); };
>
> Otherwise:
> log { source(remote); filter(f_syslog);  filter (f_not_m0n0); \
>      destination(syslog); };
>
>
> Jürg
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>