On Mon, 2011-02-21 at 12:40 -0800, Tom Eastep wrote: > On 2/21/11 11:59 AM, ERJAVEC Tom wrote: > > > > > Hi Tom (Eastep), > > if you can help me restore the shorewall.log functionality I will try to > > reproduce the event and send to you: > > - tcpdump during IP phone requests > > - shorewall.log excerpt during the above requests > > if that can be of help. > > > > Tom > > I don't run Bering and haven't done so for years and there is no such > thing as shorewall.log in the code released from shorewall.net. Is > shorewall.log the INIT_LOG or the LOGFILE? If the former, simply type > 'shorewall restart' from a root shell prompt; everything that Shorewall > is doing during restart will be right there in front of you. Also, check > the INIT_LOG and the LOG_VERBOSITY settings in shorewall.conf if you > want all commands and their results logged. > > If it is the system log where Netfilter messages are written, that is > totally out of Shorewall's control. > > -Tom
Tom (Erjavec), As Tom (Eastep) says, the log files are completely out of Shorewall's control. For Bering-uClibc 4.x we have 2 separate Shorewall-related logfiles: - /var/log/shorewall-init.log which is "STARTUP_LOG" in /etc/shorewall/shorewall.conf and where the (re-)start messages get written. - /var/log/shorewall.log which is "LOGFILE" in /etc/shorewall/shorewall.conf and which is where the kernel writes Netfiler messages which contain the string "Shorewall". In my experience, shorewall.log only gets created when a message is written to that file - so if no packets are REJECTed or DROPped then the file is not created (and obviously it is lost when you reboot). dMb ------------------------------------------------------------------------------ Index, Search & Analyze Logs and other IT data in Real-Time with Splunk Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. Free Software Download: http://p.sf.net/sfu/splunk-dev2dev ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
