Hi, On 2014-11-05 01:30, Tom Eastep wrote: > I'm tempted to remove the LOG_BACKEND option until those guys make up > their minds.
I understand, but this option is really helpful. See all the recurring error reports regarding not working logging... due to the "wrong" set nf_log module. Maybe we can support custom values: The documentation should tell the users where they find the supported value for the LOG_BACKEND option for their system (i.e. telling them to run "cat /proc/net/netfilter/nf_log"...). We should tell them why this value is system dependent. Maybe shorewall can validate the value on check/compile. At least shorewall should catch the error when setting the log backend failed and show an useful error message telling the user what's the problem and how they can fix it. Something like > Compiling... > Processing /etc/shorewall/params ... > Processing /etc/shorewall/shorewall.conf... > Loading Modules... > ERROR: Invalid LOG Backend (ipt_LOG) > The current active kernel supports the following LOG Backends: > - nf_log_ipv4 > - nfnetlink_log > See `man 5 shorewall.conf` for more details ...and in shorewall.conf's man page we would explain everything. -Thomas ------------------------------------------------------------------------------ _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
