Re: [leaf-user] no shorewall log

Wed, 09 Oct 2013 13:50:09 -0700 

Hi Victor,

Based on a quick look at /etc/init.d/shorewall I reckon that the "restart"
block might be broken - seems that it does "start" without "stop".

Most people use the "shorewall" command directly to do a restart.
In other words just:
    shorewall restart
not:
    svi shorewall restart

(There are other options too - e.g. perhaps:
    shorewall reload
will do what you need)

As regards logging, the shorewall log messages actually come from Netfilter.
They are directed to /var/log/shorewall.log via the syslog-ng configuration
(as per Shorewall FAQ 16b).

Reviewing the contents of /etc/syslog-ng/syslog-ng.conf might give you a hint
about what is going wrong. File /etc/lrp.conf controls log file rotation.

davidMbrooke


On 9 Oct 2013, at 21:09, Victor McAllister wrote:

> I manage two remote WRAP 486 firewalls running Bering 5.0.1.
> 
> If I log in with putty, change shorewall rules - do svi shorewall 
> restart - it says shorewall already running.
> 
> I have to save configuration and a reboot to implement shorewall changes.
> 
> When it restarts - I get a shorewall-init.log but no shorewall.log. Both 
> WRAP boxes no longer save the shorewall.log
> 
> leaf.cfg is
> root license dhcpcd shorewall dnsmasq dropbear mhttpd webconf bbntpd
> 
> A PC Engines ALIX running 5.0.1 with essentially the same leaf.cfg saves 
> a shorewall.log every day.
> 
> Anyone else seen this.
> 
> Victor
> 
> 
> 
> ------------------------------------------------------------------------------
> October Webinars: Code for Performance
> Free Intel webinars can help you accelerate application performance.
> Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
> the latest Intel processors and coprocessors. See abstracts and register >
> http://pubads.g.doubleclick.net/gampad/clk?id=60134071&iu=/4140/ostg.clktrk
> ------------------------------------------------------------------------
> leaf-user mailing list: leaf-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/leaf-user
> Support Request -- http://leaf-project.org/


------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134071&iu=/4140/ostg.clktrk
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Reply via email to