Mekabe Ramein wrote:
Hi,
My Shorewall was working fine without any problems. I was managing it
through the webmin module.
I was not receiving any unwanted logs.
Then I just wanted to see the logging feature and enabled some logs from the
webmin shorewall module. (debug level)
Now I am
I had enabled it on policies and I've checked the policies file but there is
no log or LOG in it.
Also in the rules file there is no log or LOG
Here are the files that include log or LOG:
router:~# grep log /etc/shorewall/*
/etc/shorewall/shorewall.conf:LOGFILE=/var/log/shorewall
Mekabe Ramein wrote:
I had enabled it on policies and I've checked the policies file but there is
no log or LOG in it.
Of course there isn't.
Webmin provides an interface that allows you to point and click rather than
use a text editor. It does not do your thinking and learning for you.
If
Mekabe Ramein wrote:
I had enabled it on policies and I've checked the policies file but
there is no log or LOG in it.
Also in the rules file there is no log or LOG
I suggest you re-read the previous message - you are NOT looking for
'log' in any file. You might try grep -i debug
Hi Tom Simon,
Thanks for your emails and all the information you just sent.
I will read the docs you've supplied, but just a quick reply:
I understand what you both tell me. But then I don't understand why I am
receiving all those logs as though my policy file is only:
wan lan ACCEPT
Sorry I forgot to paste my grep loglevel output. Here it is:
router:~# grep -i debug /etc/shorewall/*
/etc/shorewall/start:run_iptables -I INPUT -i br0 -j LOG --log-prefix
BANDWIDTH_IN: --log-level debug
/etc/shorewall/start:run_iptables -I FORWARD -i br0 -j LOG --log-prefix
BANDWIDTH_IN:
Mekabe Ramein wrote:
Hi Tom Simon,
Thanks for your emails and all the information you just sent.
I will read the docs you've supplied, but just a quick reply:
I understand what you both tell me. But then I don't understand why I am
receiving all those logs as though my policy file is
Mekabe Ramein wrote:
Sorry I forgot to paste my grep loglevel output. Here it is:
router:~# grep -i debug /etc/shorewall/*
/etc/shorewall/start:run_iptables -I INPUT -i br0 -j LOG --log-prefix
BANDWIDTH_IN: --log-level debug
/etc/shorewall/start:run_iptables -I FORWARD -i br0 -j LOG
On 5/4/08, Tom Eastep [EMAIL PROTECTED] wrote:
That is a very foolish policy. I hope you don't expect this firewall to
actually stop anything.
lan wan ACCEPT
fire wan ACCEPT
fire lan ACCEPT
wan fire REJECT
lan fire ACCEPT
My LAN subnet is not
On 5/4/08, Tom Eastep [EMAIL PROTECTED] wrote:
Mekabe Ramein wrote:
Sorry I forgot to paste my grep loglevel output. Here it is:
router:~# grep -i debug /etc/shorewall/*
/etc/shorewall/start:run_iptables -I INPUT -i br0 -j LOG --log-prefix
BANDWIDTH_IN: --log-level debug
Mekabe Ramein wrote:
On 5/4/08, Tom Eastep [EMAIL PROTECTED] wrote:
That is a very foolish policy. I hope you don't expect this firewall to
actually stop anything.
lan wan ACCEPT
fire wan ACCEPT
fire lan ACCEPT
Mekabe Ramein wrote:
On 5/4/08, Tom Eastep [EMAIL PROTECTED] wrote:
Mekabe Ramein wrote:
Sorry I forgot to paste my grep loglevel output. Here it is:
router:~# grep -i debug /etc/shorewall/*
/etc/shorewall/start:run_iptables -I INPUT -i
On 5/4/08, Tom Eastep [EMAIL PROTECTED] wrote:
If I were connected to the same IP network as your WAN interface, I could
get to every one of your LAN systems. They are COMPLETELY ACCESSIBLE from
within that network.
No. Because my wan Interface has an IP address assigned by the ISP with
On 5/4/08, Tom Eastep [EMAIL PROTECTED] wrote:
Use a text editor. Or simply remove the file entirely.
Ok. But why is there a start file if it's not created by Shorewall?
Mekabe Ramein wrote:
On 5/4/08, Tom Eastep [EMAIL PROTECTED] wrote:
Use a text editor. Or simply remove the file entirely.
Ok. But why is there a start file if it's not created by Shorewall?
Shorewall comes with an EMPTY start file:
#
# Shorewall version 4 - Start File
#
#
Ok. Thank you.
I just removed them and logs have stopped.
I think now I found the reason.
There is a module named Bandwidth Monitoring in Webmin. I had played with
that.
So it wrote the start file I guess. I will be more sure after I reboot.
Before this module can report on network usage on your
I've rebooted; and yes it is solved.
Thanks for all the help.
Now I just have one issue.
I want to change the destination of the logs to another file (if I activate
any logs). I don't want to use the syslog and kern.log files.
In fact, I have the following line in my shorewall.conf file, but this
Mekabe Ramein wrote:
I've rebooted; and yes it is solved.
Thanks for all the help.
Now I just have one issue.
I want to change the destination of the logs to another file (if I activate
any logs). I don't want to use the syslog and kern.log files.
In fact, I have the following line in my