That is consistent with bug 430220 (buffering of kernel messages). If
you keep unplugging/replugging (i.e. filling up the kernel message
buffer and forcing a flush), do those lost messages finally appear?
--
rsyslog ignores iptables LOG targets
https://bugs.launchpad.net/bugs/450002
You
Yes. Additionally if I hit the logging rule of iptables and then I
plug/unplug an usb key the connection attempt gets finally logged.
--
rsyslog ignores iptables LOG targets
https://bugs.launchpad.net/bugs/450002
You received this bug notification because you are a member of Ubuntu
Bugs, which
*** This bug is a duplicate of bug 430220 ***
https://bugs.launchpad.net/bugs/430220
OK, cool. Thanks Brownout for helping me figure this out. I'm going to
mark this bug as a duplicate of bug 430220. The fix *should* be pushed
in today.
** This bug has been marked a duplicate of bug
I did some simple testing. I could make 'contains' work, but not
'startswith'. If you change your config to use 'contains' FW_TEST
instead and then do a 'sudo restart rsyslog', do things work? If so, we
can change this bug into one about just startswith.
--
rsyslog ignores iptables LOG
:msg, contains, FW_TEST /var/log/firewall
It catches the sudo command line used to add the test rule:
Oct 13 18:59:54 grid sudo:brownout : TTY=pts/1 ; PWD=/home/brownout ;
USER=root ; COMMAND=/sbin/iptables -I INPUT -p tcp --dport 80 -j LOG
--log-prefix FW_TEST:
but it doesn't log the
You may be having a more generic problem with rsyslog not grabbing your
kernel messages. If you plug/unplug a USB thumbdrive, do you see
messages in both dmesg and /var/log/syslog?
If you don't, you *may* be experiencing a regression from bug 430220 not
yet being applied (rsyslog is currently
You're right, sometimes the plug/unplug gets recorded in syslog,
sometimes doesn't.
USB thumbdrive plugged, dmesg:
[74543.280021] usb 1-3: new high speed USB device using ehci_hcd and address 8
[74543.434198] usb 1-3: configuration #1 chosen from 1 choice
[74543.437453] scsi8 : SCSI emulation for
** Attachment added: 40-iptables.conf
http://launchpadlibrarian.net/33567718/40-iptables.conf
--
rsyslog ignores iptables LOG targets
https://bugs.launchpad.net/bugs/450002
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
