I did it the way the shorewall logging documentation suggests: I specified LOG=ULOG in params and then $LOG everywhere else. I also disabled all references to shorewall.log in syslog-ng.conf. Still not logging. But it logs to syslog-ng just fine when I change it back to 'info'.
BLACKLIST_LOG_LEVEL= INVALID_LOG_LEVEL= LOG_MARTIANS=No LOG_VERBOSITY=2 LOGALLNEW= LOGFILE=/var/log/shorewall.log LOGFORMAT="Shorewall:%s:%s:" LOGTAGONLY=No LOGLIMIT= MACLIST_LOG_LEVEL=$LOG RELATED_LOG_LEVEL= RPFILTER_LOG_LEVEL=$LOG SFILTER_LOG_LEVEL=$LOG SMURF_LOG_LEVEL=$LOG STARTUP_LOG=/var/log/shorewall-init.log TCP_FLAGS_LOG_LEVEL=$LOG UNTRACKED_LOG_LEVEL= My shorewall version is now 4.6.3.4. On Tuesday, October 7, 2014 5:09 AM, kp kirchdoerfer <kap...@users.sourceforge.net> wrote: Am Montag, 6. Oktober 2014, 13:09:10 schrieben Sie: > Yes, I used git. My shorewall version is 4.6.2.5, not 5. I think the reason > it's not logging is because syslog-ng is also trying to use shorewall.log. > I'll use leaf-devel from now on. > Maybe you misunderstood. I meant Bering-uClibc 5. Are you shure you have choosen ulog resp nflog as target? last line of /etc/shorewall/policy: all all REJECT NFLOG(4) kp > > > n Monday, October 6, 2014 11:09 AM, kp kirchdoerfer > <kap...@users.sourceforge.net> wrote: Hi; > > Am Sonntag, 5. Oktober 2014, 13:12:40 schrieb cpu memhd: > > Okay, I figured out the problem. I didn't realize this was ulogd v2, which > > apparently has more dependencies. But now shorewall isn't logging. > > Just to be clear - are you really using 5.2-beta1? > I'm pretty shure there is no 5.2-beta1 release yet, so you must have > compiled it from git repository. That would be great, but I'd want to > suggest to discuss issues of unreleased versions on leaf-devel. > > Back to your issue: > ulogd has been updated to version 2 for 5.0 and shorewall is logging, at > least for me. > Are you probably using old shorewall config files that does not point to > ulogd as log target? > > kp ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/