On 10/10/2013 11:22 AM, KP Kirchdörfer wrote:
> On Thursday, 10 October 2013, 10:28:17, Victor McAllister wrote:
>> On 10/10/2013 9:43 AM, KP Kirchdörfer wrote:
>>> Hello Victor;
>>>
>>> On Wednesday, 9 October 2013, 13:09:30, Victor McAllister wrote:
>>>> I manage two remote WRAP 486 firewalls running Bering 5.0.1.
>>>>
>>>> If I log in with putty, change shorewall rules - do svi shorewall
>>>> restart - it says shorewall already running.
>>>>
>>>> I have to save the configuration and reboot to implement shorewall changes.
>>>>
>>>> When it restarts - I get a shorewall-init.log but no shorewall.log. Both
>>>> WRAP boxes no longer save the shorewall.log
>>>>
>>>> leaf.cfg is
>>>> root license dhcpcd shorewall dnsmasq dropbear mhttpd webconf bbntpd
>>>>
>>>> A PC Engines ALIX running 5.0.1 with essentially the same leaf.cfg saves
>>>> a shorewall.log every day.
>>>>
>>>> Anyone else seen this?
>>>
>>> As you know: "No news are good news" - no log, no attack :)
>>>
>>> Seriously:
>>>
>>> If I change shorewall settings via ssh (putty in your case) I just run
>>>
>>> shorewall restart
>>>
>>> from the command line - no need to save and reboot to see results.
>>>
>>> I'm not sure I got it right - are no shorewall.logs generated, or are no
>>> logs saved by logrotate?
>>>
>>> kp
>>
>> Two WRAP boxes managed remotely are doing the same thing.
>>
>> No shorewall.log or rotation of shorewall logs
>> shorewall is running - has shorewall-init.log
>>
>> I know there are events that should get logged - for example one box
>> recorded a local martian (badly configured device) in kern.log which
>> also does not rotate daily.
>>
>> syslog rotates
>> messages rotates
>> daemon.log rotates
>> etc.
>>
>> No shorewall.log
>> and kern.log does not rotate.
>
> Victor;
>
> the settings for kern.log are set to rotate weekly.
> You can change that in /etc/lrp.conf .
>
> Regarding the shorewall.log - what are the differences between the shorewall setup
> out-of-the-box and the changes you've made? The differences to the ALIX boxes
> (which I remember do logging?). Does shorewall do logging out-of-the-box?
>
> kp
>

Both WRAP boxes have three ethernet ports. Eth0 goes to a cable network 
served by dhcp.

eth1 is loc which is 192.168.2.0/24
shorewall has some DNAT entries to forward ports to video phone devices. 
These work!

eth2 is a DMZ (192.168.5.0/24) setup to do dhcp (via dnsmasq) for a 
wireless router connected via ethernet to its lan port as an AP.

Both machines were creating shorewall.log files until I made changes to 
shorewall rules and rebooted. Everything works as it is supposed to 
except no rotating shorewall logs.

By the way, I tried to remotely restart shorewall with
"shorewall restart" - and it recompiled and started.

When I used the old command "svi shorewall restart" it did not restart 
and just said shorewall already running. One should not use svi.

Victor






------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/
