On 10/9/2013 1:48 PM, david M brooke wrote: > Hi Victor, > > Based on a quick look at /etc/init.d/shorewall I reckon that the "restart" > block might be broken - seems that it does "start" without "stop". > > Most people use the "shorewall" command directly to do a restart. > In other words just: > shorewall restart > not: > svi shorewall restart > > (There are other options too - e.g. perhaps: > shorewall reload > will do what you need) > > As regards logging, the shorewall log messages actually come from Netfilter. > They are directed to /var/log/shorewall.log via the syslog-ng configuration > (as per Shorewall FAQ 16b). > > Reviewing the contents of /etc/syslog-ng/syslog-ng.conf might give you a hint > about what is going wrong. File /etc/lrp.conf controls log file rotation. > > davidMbrooke > > > On 9 Oct 2013, at 21:09, Victor McAllister wrote: > >> I manage two remote WRAP 486 firewalls running Bering 5.0.1. >> >> If I log in with putty, change shorewall rules - do svi shorewall >> restart - it says shorewall already running. >> >> I have to save configuration and a reboot to implement shorewall changes. >> >> When it restarts - I get a shorewall-init.log but no shorewall.log. Both >> WRAP boxes no longer save the shorewall.log >> >> leaf.cfg is >> root license dhcpcd shorewall dnsmasq dropbear mhttpd webconf bbntpd >> >> A PC Engines ALIX running 5.0.1 with essentially the same leaf.cfg saves >> a shorewall.log every day. >> >> Anyone else seen this. >> >> Victor >> >> >> syslog-ng is present. syslog-ng.conf looks the same on all systems.
I did get a shorewall.log the first time I ran both these systems. However, after making changes to shorewall rules and rebooting, I have not got a shorewall.log on either system for more than a week. Shorewall is running. syslong-ng is present. /etc/syslong-ng/syslog-ng.conf has not been modified. By the way, I am running one WRAP on a 16mb flash because I could not get them to boot properly on a newer flash - although I was using append libata.dma=3 usb_wait=3 Victor ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60134071&iu=/4140/ostg.clktrk ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
