I tested with iptables -N foo ; iptables -A foo -j ULOG and that was fine,
so it looks like the kernel does have ULOG support. So I followed the
recipe in the doc to convert to ULOG;
root@hk2server:/etc/shorewall# grep -v ^\# * | egrep '\$LOG|ULOG|LOGFILE'
params:LOG=ULOG
shorewall.conf:LOGFILE=/var/log/messages
shorewall.conf:MACLIST_LOG_LEVEL=$LOG
shorewall.conf:TCP_FLAGS_LOG_LEVEL=$LOG
shorewall.conf:RFC1918_LOG_LEVEL=$LOG
shorewall.conf:LOGUNCLEAN=$LOG
No rules or policies are configured to log. Its running ulogd
Still getting the same error
root@hk2server:/etc/shorewall# shorewall try /etc/shorewall/
Compiling...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
WARNING: Option EXPORTPARAMS=Yes is deprecated
/etc/shorewall/shorewall.conf (line 168)
Loading Modules...
WARNING: RFC1918_LOG_LEVEL=ULOG ignored. The 'norfc1918' interface/host
option is no longer supported
Compiling /etc/shorewall/zones...
Compiling /etc/shorewall/interfaces...
Determining Hosts in Zones...
Locating Action Files...
Compiling /usr/share/shorewall/action.Drop for chain Drop...
Compiling /usr/share/shorewall/action.Broadcast for chain Broadcast...
Compiling /usr/share/shorewall/action.Invalid for chain Invalid...
Compiling /usr/share/shorewall/action.NotSyn for chain NotSyn...
Compiling /usr/share/shorewall/action.Reject for chain Reject...
Compiling /etc/shorewall/policy...
ERROR: Log level INFO requires LOG Target in your kernel and iptables
On 5 September 2013 22:53, Tom Eastep <[email protected]> wrote:
> On 09/05/2013 07:42 AM, Thomas D. wrote:
> > Hi,
> >
> > Steve Wray wrote:
> >> I don't have access to the config file the kernel was built with. How
> >> would I otherwise find out?
> >
> > Well, modprobe/modinfo xt_LOG should also give you a hint.
> >
> >
> >> I find these kernel modules with 'log' in their names and there doesn't
> >> seem to be a match.
> >
> > I agree,
> >
> > # modinfo xt_LOG
> > filename: /lib/modules/3.4.60/kernel/net/netfilter/xt_LOG.ko
> > alias: ip6t_LOG
> > alias: ipt_LOG
> > description: Xtables: IPv4/IPv6 packet logging
> >
> > This is missing on you system.
> >
> > Not sure if it is possible to replace the usage of xt_LOG in shorewall
> > with ULOG or NFLOG. I guess Tom is able to answer that.
>
> Replacing LOG with ULOG is described at
> http://www.shorewall.net/shorewall_logging.html#ULOG
>
> -Tom
> --
> Tom Eastep \ When I die, I want to go like my Grandfather who
> Shoreline, \ died peacefully in his sleep. Not screaming like
> Washington, USA \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>
>
> ------------------------------------------------------------------------------
> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> Discover the easy way to master current and previous Microsoft technologies
> and advance your career. Get an incredible 1,500+ hours of step-by-step
> tutorial videos with LearnDevNow. Subscribe today and save!
> http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
------------------------------------------------------------------------------
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
