# =========================================================================
# $Id: log.conf 41 2005-10-30 23:39:47Z s0undt3ch $
# =========================================================================

# Please read the README for more info.
#
# Many systems use /var/log/syslog for logging
#
 
# Logging facility to use. Default is syslog, as you
# must have ulog support in your kernel, and your
# userspace iptables, as well as have ulogd properly
# configured and running to use ulog.
LOG_FACILITY=syslog
#LOG_FACILITY=ulog
 
# This will make a log of all new connections established
# on the external device
LOG_EST_EXT=0

# This will log all new connections established on your 
# internal device(s)
LOG_EST_INT=0

# Log packets that aren't caught by any specific rules
LOG_CATCH_ALL=1

# Log port scans
LOG_PORT_SCANS=1

# How many syslog entries per second (or minute) per rule?
LOG_FLOOD="3/s"
#LOG_FLOOD="1/m"

# Log dropped icmp echo request packets beyond what you have 
# specified in PING_FLOOD
LOG_PING=1

# Log packets potentially related to a Denial of Service attack
LOG_DOS=1

# Log invalid packets
LOG_INVALID=1

# Log fragmented packets
LOG_FRAGMENTS=1

# Drop packets on these tcp ports without logging
DONT_LOG_TCP="137 6666"

# Drop packets on these udp ports without logging
DONT_LOG_UDP="1434"