Re: [Shorewall-users] No logging to seperate logfile

Sun, 11 Feb 2018 16:18:34 -0800 

Hi Tom,

could you please explain how to modify the LOG_PREFIX to contain
'Shorewall'?

THX
Thomas


Am 12.02.2018 um 01:04 schrieb Tom Eastep:
> On 02/11/2018 03:58 PM, Thomas wrote:
>> Hi,
>>
>> I have modified /etc/shorewall/shorewall.conf
>> cat /etc/shorewall/shorewall.conf | grep log
>> LOGFILE=/var/log/shorewall.log
>> STARTUP_LOG=/var/log/shorewall-init.log
>>
>> and defined a rsyslog config file
>> cat /etc/rsyslog.d/40-shorewall.conf
>> $template shorewall-template,"%timegenerated% %msg%\n"
>> :msg, contains, "Shorewall:" -/var/log/shorewall.log;shorewall-template
>> & ~
>>
>> but Shorewall does not log anything in /var/log/shorewall.log after
>> restarting shorewall and rsyslog.
>>
>> The policy file is this:
>> cat /etc/shorewall/policy
>> #SOURCE DEST    POLICY  LOG LEVEL       BURST:LIMIT
>> net     all     DROP    $LOG
>> loc     all     REJECT  $LOG
>> fb      dmz     REJECT  $LOG
>> fb      loc     REJECT  $LOG
>> dmz     all     REJECT  $LOG
>> vpn     all     REJECT  $LOG
>> $FW     all     ACCEPT  $LOG
>> # THE FOLLOWING POLICY MUST BE LAST
>> all     all     REJECT  $LOG
>>
>> How can I correct this?
>>
> With your LOG_PREFIX setting, the Netfilter messages generated by your
> ruleset do not contain 'Shorewall:'. So you either need to change
> LOG_PREFIX to contain that string, or you need to use a regular
> expression to match those messages:
>
>       'IN=.* OUT=.*SRC=.*\..*DST='
>
> -Tom
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>
>
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to