I don't know if this has been brought up before but the log files
seem to be messed up. The information that it is spitting out is not
very useful. I liked it better when you could tell when someone was trying
to telnet, ftp, etc to your boxen. Here is a list of my log files with
the type of logs it's keeping:


[root@yojimbo log]# ls -al
total 16676
drwxr-xr-x    7 root     root         4096 Jan 17 15:19 .
drwxr-xr-x   18 root     root         4096 Jan 16 14:10 ..
-rw-------    1 root     root        10177 Jan 17 15:16 boot.log
-rw-------    1 root     root        36495 Jan 19 14:30 cron
-rw-r--r--    1 root     root         2671 Jan 16 14:25 dmesg
drwxr-sr-x    2 root     root         4096 Jan 12 22:35 flexbackup
drwxr-xr-x    2 root     root         4096 Jan 16 12:48 httpd
-rw-r--r--    1 root     root      1460584 Jan 19 14:34 lastlog
-rw-------    1 root     root        27483 Jan 19 00:31 maillog
-rw-------    1 root     root     16700870 Jan 19 14:35 messages
-rw-rw-rw-    1 mysql    mysql      161755 Jan 19 00:31 mysqld.log
drwx--S---    2 qmaill   nofiles      4096 Jan 16 14:31 qmail
drwx------    2 root     root         4096 Jan 16 14:31 samba
-rw-------    1 root     root        28641 Jan 19 00:31 secure
-rw-------    1 root     root            0 Jan 16 14:06 spooler
drwxr-x---    2 squid    squid        4096 Jan 16 14:31 squid
-rw-rw-r--    1 root     utmp         9984 Jan 19 14:34 wtmp  

If I am reading that right, does that not say that the messages are 16
megs already? This is only after it's been up for 3 days.

[root@yojimbo log]# tail messages
Jan 19 16:40:50 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=1
10.10.1.11:10 255.255.255.255:0 L=28 S=0x00 I=33600 F=0x0000 T=64 (#1)
Jan 19 16:40:51 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=17
24.1.214.194:631 24.1.215.255:631 L=142 S=0x00 I=0 F=0x4000 T=64 (#1)
Jan 19 16:40:55 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=1
24.1.212.200:10 224.0.0.2:0 L=28 S=0x00 I=4 F=0x0000 T=128 (#1)
Jan 19 16:40:57 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=1
24.1.212.200:10 224.0.0.2:0 L=28 S=0x00 I=13 F=0x0000 T=128 (#1)
Jan 19 16:41:00 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=1
24.1.212.200:10 224.0.0.2:0 L=28 S=0x00 I=17 F=0x0000 T=128 (#1)
Jan 19 16:41:07 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=17
24.15.53.199:513 24.15.53.255:513 L=88 S=0x00 I=19435 F=0x0000 T=64 (#1)
Jan 19 16:41:22 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=17
24.1.214.194:631 24.1.215.255:631 L=142 S=0x00 I=0 F=0x4000 T=64 (#1)
Jan 19 16:41:33 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=17
24.1.208.33:67 24.1.215.255:68 L=328 S=0x00 I=15374 F=0x0000 T=60 (#1)
Jan 19 16:41:33 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=17
24.1.208.34:67 24.1.215.255:68 L=328 S=0x00 I=34527 F=0x0000 T=60 (#1)
Jan 19 16:41:40 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=17
24.1.213.106:513 24.1.255.255:513 L=88 S=0x00 I=39614 F=0x0000 T=64 (#1)     

It's logging these by the second.


[root@yojimbo log]# tail secure
Jan 19 02:21:29 yojimbo xinetd[4816]: USERID: imap OTHER :www
Jan 19 02:21:29 yojimbo xinetd[795]: EXIT: imap pid=4816 duration=0(sec)
Jan 19 02:26:30 yojimbo xinetd[795]: START: imap pid=4818 from=192.168.1.1
Jan 19 02:26:30 yojimbo xinetd[795]: START: auth pid=4819 from=192.168.1.1
Jan 19 02:26:30 yojimbo xinetd[4818]: USERID: imap OTHER :www
Jan 19 02:26:30 yojimbo xinetd[795]: EXIT: imap pid=4818 duration=0(sec)
Jan 19 02:31:31 yojimbo xinetd[795]: START: imap pid=4822 from=192.168.1.1
Jan 19 02:31:31 yojimbo xinetd[795]: START: auth pid=4823 from=192.168.1.1
Jan 19 02:31:31 yojimbo xinetd[4822]: USERID: imap OTHER :www
Jan 19 02:31:31 yojimbo xinetd[795]: EXIT: imap pid=4822 duration=0(sec)   

Again, I don't know what this log info is, but it doesn't look too important.



Also I was wondering what the file lastlog was for? 



Sorry if this has been covered already. I looked but didn't see it on the
beta3 update page.


Thank You

P-K
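
An added example (not part of the original post, and not any project's own code): a small Python tally of the ipchains packet-log entries shown in the `tail messages` output, grouped by protocol, port (or ICMP type) and destination, to show which denied traffic accounts for the volume in `messages`. The field layout is read off the lines in the post; the broadcast/multicast test is a heuristic assumption.

```python
import re
from collections import Counter

# Packet-log layout as seen in the post: chain, target, interface, IP protocol,
# src addr:port, dst addr:port, L= length. For PROTO=1 the "ports" are ICMP type/code.
PACKET_LOG = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<target>\S+) (?P<iface>\S+) PROTO=(?P<proto>\d+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) L=(?P<length>\d+)"
)
PROTO_NAMES = {1: "icmp", 6: "tcp", 17: "udp"}

# Entries from the post's `tail messages`, re-joined onto single lines, plus one
# xinetd line from `tail secure` to show that non-packet lines are skipped.
SAMPLE = """\
Jan 19 16:40:50 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=1 10.10.1.11:10 255.255.255.255:0 L=28 S=0x00 I=33600 F=0x0000 T=64 (#1)
Jan 19 16:40:51 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=17 24.1.214.194:631 24.1.215.255:631 L=142 S=0x00 I=0 F=0x4000 T=64 (#1)
Jan 19 16:40:55 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=1 24.1.212.200:10 224.0.0.2:0 L=28 S=0x00 I=4 F=0x0000 T=128 (#1)
Jan 19 16:40:57 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=1 24.1.212.200:10 224.0.0.2:0 L=28 S=0x00 I=13 F=0x0000 T=128 (#1)
Jan 19 16:41:33 yojimbo kernel: Packet log: denylog DENY eth1 PROTO=17 24.1.208.33:67 24.1.215.255:68 L=328 S=0x00 I=15374 F=0x0000 T=60 (#1)
Jan 19 02:21:29 yojimbo xinetd[795]: EXIT: imap pid=4816 duration=0(sec)
"""

def parse_line(line):
    """Return the fields of one packet-log entry, or None for any other line."""
    m = PACKET_LOG.search(line)
    if m is None:
        return None
    return {k: int(v) if v.isdigit() else v for k, v in m.groupdict().items()}

def is_broadcast_or_multicast(dst):
    """Heuristic (assumption): a .255 host part or 224.0.0.0/4 is not unicast."""
    return dst.endswith(".255") or 224 <= int(dst.split(".")[0]) <= 239

def summarize(text):
    """Count denied packets per (protocol, ICMP type or dst port, destination)."""
    flows, noise = Counter(), 0
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        service = rec["sport"] if rec["proto"] == 1 else rec["dport"]
        flows[(PROTO_NAMES.get(rec["proto"], str(rec["proto"])), service, rec["dst"])] += 1
        noise += is_broadcast_or_multicast(rec["dst"])
    return flows, noise

if __name__ == "__main__":
    flows, noise = summarize(SAMPLE)
    for (proto, service, dst), count in flows.most_common():
        print(f"{count:3d}  {proto:<4} {service:>5}  -> {dst}")
    print(f"{noise} of {sum(flows.values())} entries go to broadcast/multicast")
```
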
