On 19/09/06, Abd El-Hameed Ayad <hamid at use-trade.com> wrote: > Thank you very much for your concern. > i had change it, restarted syslog > But still getting messages on console I use kernel debug to get iptables messages into a separate log file and off the console... # /etc/syslogd.conf Send iptables LOG to iptables.log kern.=debug /var/log/iptables.log The add "--log-level debug" to any iptables rules you want logged. We do use a separate iptables setup script based on the O'Reilly bastion_firewall script on most hosts though, integrating this method with the default iptables setup may required some fiddling. Will.