Mekabe Ramein wrote: > Hi Tom & Simon, > > Thanks for your emails and all the information you just sent. > I will read the docs you've supplied, but just a quick reply: > > I understand what you both tell me. But then I don't understand why I am > receiving all those logs as though my policy file is only: > wan lan ACCEPT
That is a very foolish policy. I hope you don't expect this firewall to actually stop anything. > lan wan ACCEPT > fire wan ACCEPT > fire lan ACCEPT > wan fire REJECT > lan fire ACCEPT > > And here is all results for the loglevel keywords. > > Btw, I am familiar with logging and loglevels. Also, I know how syslog > acts, but I am not sure why all these are logged at all and why they are > logged to dmesg at the same time. A) If you would show us one of these messages rather than complain about them, we might be able to help you. Shorewall FAQ 17 might also be helpful. B) dmesg is just a user-space tool that dumps out the contents of the Kernels logging ring buffer. That is where ALL MESSAGES THAT ARE LOGGED BY THE KERNEL COME FROM. The klogd daemon also reads the ring buffer and forwards what it finds to syslog. So any kernel message that is logged by syslog is also available to dmesg. And they will continue to be visible to dmesg until they are overwritten by other log messages (unless you use the -c option). So make sure that new messages are actually being created and that you aren't just seeing messages that were created much earlier. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
