_Update:_ The parameter "Log Level" in //etc/shorewall/policy/ was wrong. After setting "info" or "warn" logging to //var/log/shorewall.log/ work as expected.
THX ----------------------------------------------------------------- shorewall show log Shorewall 5.1.10.2 Log (/var/log/shorewall.log) at pc4-svp - Mo 12. Feb 02:08:41 CET 2018 Counters reset Mo 12. Feb 01:30:53 CET 2018 I think Shorewall is using the new logfile now. However, syslog showed entries like this before: [2870602.643965] dmz-fw REJECT IN=vmbr2 OUT= MAC=fe:aa:20:0a:61:85:32:32:31:33:38:30:08:00 SRC=10.0.0.4 DST=10.0.0.1 LEN=60 TOS=0 x00 PREC=0x00 TTL=64 ID=10064 DF PROTO=TCP SPT=39362 DPT=4506 WINDOW=29200 RES=0x00 SYN URGP=0 I was expecting that the same entries will be logged in //var/log/shorewall.log/, too. Am 12.02.2018 um 01:48 schrieb Tom Eastep: > On 02/11/2018 04:32 PM, Thomas wrote: >> Done. >> shorewall.conf modified: >> cat /etc/shorewall/shorewall.conf | grep LOG >> LOG_LEVEL="info" >> BLACKLIST_LOG_LEVEL= >> INVALID_LOG_LEVEL= >> LOG_BACKEND= >> LOG_MARTIANS=Yes >> LOG_VERBOSITY=2 >> LOGALLNEW= >> LOGFILE=/var/log/shorewall.log >> LOGFORMAT="Shorewall:%s %s " >> LOGTAGONLY=No >> LOGLIMIT="s:1/sec:10" >> MACLIST_LOG_LEVEL="$LOG_LEVEL" >> RELATED_LOG_LEVEL= >> RPFILTER_LOG_LEVEL="$LOG_LEVEL" >> SFILTER_LOG_LEVEL="$LOG_LEVEL" >> SMURF_LOG_LEVEL="$LOG_LEVEL" >> STARTUP_LOG=/var/log/shorewall-init.log >> TCP_FLAGS_LOG_LEVEL="$LOG_LEVEL" >> UNTRACKED_LOG_LEVEL= >> BLACKLIST_DEFAULT="Broadcast(DROP),Multicast(DROP),dropNotSyn:$LOG_LEVEL,dropInvalid:$LOG_LEVEL,DropDNSrep:$LOG_LEVEL" >> USE_NFLOG_SIZE=No >> >> Still //var/log/shorewall.log/ is empty. > Did you reload Shorewall? Did any of your LOG rules get triggered (does > 'shorewall show log' show any messages with timestamps after the reset > time at the top of the display)? > > -Tom > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
