On 02/11/2018 05:11 PM, Thomas wrote:
> shorewall show log
> Shorewall 5.1.10.2 Log (/var/log/shorewall.log) at pc4-svp - Mo 12. Feb
> 02:08:41 CET 2018
>
> Counters reset Mo 12. Feb 01:30:53 CET 2018
>
> I think Shorewall is using the new logfile now.

Shorewall is using the new logfile for the 'show log' command, but it
appears that netfilter logging isn't going to the new file since
'shorewall show log' doesn't display any log messages.

>
> However, syslog showed entries like this before:
>
> [2870602.643965] dmz-fw REJECT IN=vmbr2 OUT=
> MAC=fe:aa:20:0a:61:85:32:32:31:33:38:30:08:00 SRC=10.0.0.4 DST=10.0.0.1
> LEN=60 TOS=0
> x00 PREC=0x00 TTL=64 ID=10064 DF PROTO=TCP SPT=39362 DPT=4506
> WINDOW=29200 RES=0x00 SYN URGP=0
>
>

If that is the case, the current firewall script
(/var/lib/shorewall/firewall) does *not* have "Shorewall:%s %s " as the
LOGFORMAT. If it did, the message would begin "Shorewall:dmz-fw REJECT ..."

What does this command produce?

    fgrep Shorewall: /var/lib/shorewall/firewall

-Tom
-- 
Tom Eastep        \   Q: What do you get when you cross a mobster with
Shoreline,         \     an international standard?
Washington, USA     \ A: Someone who makes you an offer you can't
http://shorewall.org \   understand
                      \_______________________________________________
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
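
An added example (not part of the original message and not Shorewall's own code): a Python check of whether netfilter log lines start with the prefix a given LOGFORMAT generates, which is the test applied above to the "dmz-fw REJECT ..." entry. The function names and the sample lines are constructed for illustration; the `%d` branch assumes LOGFORMAT's optional rule-number placeholder.

```python
import re

# Constructed sample lines modelled on the entry quoted in the message.
SAMPLE = [
    "[2870602.643965] dmz-fw REJECT IN=vmbr2 OUT= SRC=10.0.0.4 "
    "DST=10.0.0.1 PROTO=TCP SPT=39362 DPT=4506 SYN URGP=0",
    "Feb 12 02:10:01 pc4-svp kernel: [2870700.000001] Shorewall:dmz-fw REJECT "
    "IN=vmbr2 OUT= SRC=10.0.0.4 DST=10.0.0.1 PROTO=TCP SPT=39362 DPT=4506",
]

# Optional syslog header ("... kernel: ") and kernel timestamp ("[123.456] ").
HEADER = re.compile(r"^(?:.*?kernel:\s*)?(?:\[\s*\d+\.\d+\]\s*)?")


def prefix_regex(logformat):
    """Compile a printf-style LOGFORMAT into a regex with named groups."""
    names = ["chain", "disposition"]
    out = []
    for tok in re.split(r"(%s|%d)", logformat):
        if tok == "%s":
            if not names:
                raise ValueError("LOGFORMAT has more than two %s")
            out.append(r"(?P<%s>\S+)" % names.pop(0))
        elif tok == "%d":
            out.append(r"(?P<rulenum>\d+)")
        else:
            out.append(re.escape(tok))
    return re.compile("".join(out))


def parse(line, logformat):
    """Return chain, disposition and packet fields, or None if the
    line does not start with the prefix this LOGFORMAT generates."""
    body = HEADER.sub("", line, count=1)
    m = prefix_regex(logformat).match(body)
    if m is None:
        return None
    fields = dict(re.findall(r"(\w+)=(\S*)", body[m.end():]))
    return dict(m.groupdict(), fields=fields)


def unmatched(lines, logformat):
    """Lines that a LOGFORMAT-based filter would not pick up."""
    return [l for l in lines if parse(l, logformat) is None]


if __name__ == "__main__":
    for l in unmatched(SAMPLE, "Shorewall:%s %s "):
        print("no Shorewall prefix:", l)
```

Lines reported as unmatched were logged by rules generated under a different LOGFORMAT than the one being tested.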