RHEL7 Rich Rule firewalld

Latest response

Hi guys,

thanks for always helping.

I am a little confused with rich rules. Here is an example

' firewall-cmd --add-rich-rule 'rule family=ipv4 source address=192.168.3.0/24 service name=http log prefix=http allow rule' level=info accpet --permanent'

Question : what does options do " log prefix=http allow rule' level=info accept "

Thank you

Responses

Hello

this is for sending log messages to logging application such as rsyslog.

You can define a prefix text that will be added to the log message as a prefix.

Log level can be one of "emerg", "alert", "crit", "error", "warning", "notice", "info" or "debug".

From the firewalld.richlanguage(5) manual page:

"Log
log [prefix="prefix text"] [level="log level"] [limit value="rate/duration"]"

You add this to a rule, and then when the rule that you have created is matched, a log message will be sent.

For more information on rsyslog see Viewing and Managing Log Files

Thank you Stephen

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.