Hi, We need to make another decision about Shorewall / Shorewall6 logging of "DROP" and "REJECT" messages: - Should both sets of messages go to /var/log/shorewall.log ? - Should IPv4 messages go to /var/log/shorewall.log and IPv6 messages to /var/log/shorewall6.log ?
I currently favour the second option, for consistency with the -init.log files and in case we want to process the logfiles in some way. Thoughts? Both Shorewall and Shorewall6 specify LOGFORMAT="Shorewall:%s:%s:" in e.g. /etc/shorewall/shorewall.conf so simply matching on "Shorewall" is not enough separate out the logs, and it is not possible (or at least not easy) to change Shorewall6 to specify LOGFORMAT="Shorewall6:%s:%s:" because that makes the log string too long... I tried that and got an error. I do have a working syslog-ng configuration that checks the format of the SRC= address and sends IPv4 logs to /var/log/shorewall.log and IPv6 logs to /var/log/shorewall.log. I think if we do that it stills gives the option to use ulogd instead (with ULOG in the Shorewall(6) config files). Seems like a good compromise to me. davidMbrooke ------------------------------------------------------------------------------ Nokia and AT&T present the 2010 Calling All Innovators-North America contest Create new apps & games for the Nokia N8 for consumers in U.S. and Canada $10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store http://p.sf.net/sfu/nokia-dev2dev _______________________________________________ leaf-devel mailing list leaf-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-devel
