On Wed, 2003-07-16 at 22:11, David Pitts wrote:
> Does the lack of any relevant entries in my log (shorewall.log) mean
> that there is no relevant traffic being blocked? I do have some
> shorewall.log entries showing rejected connections. Should every
> rejected attempt to access any port be logged, unless there is a
> statement that specifically stops the logging?
>
> What I need to know is whether the lack of logs means there is no
> blocking or I'm not logging the right thing.
>
Shorewall generates rules to log every attempt to access any
protocol/port provided that:
a) You have the standard net->all policy:

        net     all     DROP    ULOG

b) You don't have a rule that handles the port in another way.
c) The connection is not silently dropped or rejected in the 'common'
chain ("shorewall show common").
d) The connection isn't being dropped/rejected by some other Shorewall
feature (blacklist, tcpflags, rfc1918, etc.)
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
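
An added example, not part of the reply above and not Shorewall's own code: a small checker for conditions (a) and (b) that reports whether a connection attempt is handled by a rule or falls through to a policy with a log level. The policy and rules text is constructed, the function names are hypothetical, matching is by zone only with numeric ports, and conditions (c) and (d) are not modelled because they depend on the generated chains.

```python
# Added example: constructed Shorewall 'policy' and 'rules' text, numeric ports only.
POLICY = """\
#SOURCE  DEST  POLICY  LOG LEVEL
loc      net   ACCEPT
net      all   DROP    ULOG
all      all   REJECT  ULOG
"""
RULES = """\
#ACTION  SOURCE  DEST  PROTO  DEST PORT(S)
ACCEPT   net     fw    tcp    22
DROP     net     fw    tcp    135,137:139,445
"""

def rows(text):
    """Yield the columns of each entry, skipping comments and blank lines."""
    for line in text.splitlines():
        cols = line.split("#", 1)[0].split()
        if cols:
            yield cols

def port_in(spec, port):
    """True if port falls in a list such as '135,137:139'; '-' means any."""
    if spec == "-":
        return True
    for item in spec.split(","):
        lo, _, hi = item.partition(":")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def why_no_log(policy, rules, src, dst, proto, port):
    """Check conditions (a) and (b) for one connection attempt."""
    for cols in rows(rules):  # (b): a rule handles the port another way
        action, rsrc, rdst, rproto, rports = (cols + ["-"] * 5)[:5]
        if (rsrc.split(":")[0] in (src, "all") and rdst.split(":")[0] in (dst, "all")
                and rproto in (proto, "all", "-") and port_in(rports, port)):
            return "rule: " + " ".join(cols)
    for cols in rows(policy):  # (a): first matching policy needs a log level
        if cols[0] in (src, "all") and cols[1] in (dst, "all"):
            if len(cols) > 3 and cols[3] != "-":
                return f"policy {cols[2]} logs at {cols[3]}"
            return f"policy {cols[2]} has no log level"
    return "no matching policy"

if __name__ == "__main__":
    for port in (22, 80, 445):
        print(port, why_no_log(POLICY, RULES, "net", "fw", "tcp", port))
```

A "policy ... logs at ..." result only means (a) and (b) hold; the 'common' chain and features such as blacklist, tcpflags and rfc1918 can still drop the packet before it reaches the logging rule.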