Sorry, Tom, doesn't work for me. I also searched the whole Shorewall
install for any files containing S_FILTER_LOG_LEVEL and couldn't find any.
# patch /usr/share/shorewall/Shorewall/Config.pm < DEFAULT_LOG.patch
patching file /usr/share/shorewall/Shorewall/Config.pm
Hunk #1 succeeded at 2601 (offset -917 lines).
# shorewall try /etc/shorewall/
Compiling...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
WARNING: Option EXPORTPARAMS=Yes is deprecated
/etc/shorewall/shorewall.conf (line 168)
Loading Modules...
WARNING: RFC1918_LOG_LEVEL=ULOG ignored. The 'norfc1918' interface/host
option is no longer supported
ERROR: Log level INFO requires LOG Target in your kernel and iptables
# shorewall check -T /etc/shorewall/
WARNING: Option EXPORTPARAMS=Yes is deprecated
/etc/shorewall/shorewall.conf (line 168) at
/usr/share/shorewall/Shorewall/Config.pm line 3601
Shorewall::Config::process_shorewall_conf(0, 0) called at
/usr/share/shorewall/Shorewall/Config.pm line 3935
Shorewall::Config::get_configuration(0, 0, 0) called at
/usr/share/shorewall/Shorewall/Compiler.pm line 623
Shorewall::Compiler::compiler('script', '', 'directory',
'/etc/shorewall/', 'verbosity', 1, 'timestamp', 0, 'debug', ...) called at
/usr/share/shorewall/compiler.pl line 134
WARNING: RFC1918_LOG_LEVEL=ULOG ignored. The 'norfc1918' interface/host
option is no longer supported at /usr/share/shorewall/Shorewall/Config.pm
line 4223
Shorewall::Config::get_configuration(0, 0, 0) called at
/usr/share/shorewall/Shorewall/Compiler.pm line 623
Shorewall::Compiler::compiler('script', '', 'directory',
'/etc/shorewall/', 'verbosity', 1, 'timestamp', 0, 'debug', ...) called at
/usr/share/shorewall/compiler.pl line 134
ERROR: Log level INFO requires LOG Target in your kernel and iptables at
/usr/share/shorewall/Shorewall/Config.pm line 964
Shorewall::Config::fatal_error('Log level INFO requires LOG Target
in your kernel and iptables') called at
/usr/share/shorewall/Shorewall/Config.pm line 3376
Shorewall::Config::require_capability('LOG_TARGET', 'Log level
INFO', 's') called at /usr/share/shorewall/Shorewall/Config.pm line 2532
Shorewall::Config::validate_level('info') called at
/usr/share/shorewall/Shorewall/Config.pm line 2603
Shorewall::Config::default_log_level('SFILTER_LOG_LEVEL', 'info')
called at /usr/share/shorewall/Shorewall/Config.pm line 4228
Shorewall::Config::get_configuration(0, 0, 0) called at
/usr/share/shorewall/Shorewall/Compiler.pm line 623
Shorewall::Compiler::compiler('script', '', 'directory',
'/etc/shorewall/', 'verbosity', 1, 'timestamp', 0, 'debug', ...) called at
/usr/share/shorewall/compiler.pl line 134
Checking...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
On 7 September 2013 06:18, Tom Eastep <[email protected]> wrote:
> On 09/06/2013 08:24 AM, Tom Eastep wrote:
> > On 09/06/2013 07:32 AM, Steve Wray wrote:
> >> Believe it or not, the firewall is doing something. Mostly its rate
> >> limiting and sanity checking. We are working toward a more robust
> >> firewall but our application is pretty sensitive to closed ports and
> >> doesn't have a connection tracking module. Shorewall is definitely
> >> helping, even at this stage though, on our other servers. This is the
> >> only one with any shorewall problem.
> >>
> >> Here is the output as requested;
> >>
> >> WARNING: Option EXPORTPARAMS=Yes is deprecated
> >> /etc/shorewall/shorewall.conf (line 168) at
> >> /usr/share/shorewall/Shorewall/Config.pm line 3601
> >> Shorewall::Config::process_shorewall_conf(0, 0) called at
> >> /usr/share/shorewall/Shorewall/Config.pm line 3935
> >> Shorewall::Config::get_configuration(0, 0, 0) called at
> >> /usr/share/shorewall/Shorewall/Compiler.pm line 623
> >> Shorewall::Compiler::compiler('script', '', 'directory',
> >> '/etc/shorewall/', 'verbosity', 1, 'timestamp', 0, 'debug', ...) called
> >> at /usr/share/shorewall/compiler.pl <http://compiler.pl> line 134
> >> WARNING: RFC1918_LOG_LEVEL=ULOG ignored. The 'norfc1918'
> >> interface/host option is no longer supported at
> >> /usr/share/shorewall/Shorewall/Config.pm line 4223
> >> Shorewall::Config::get_configuration(0, 0, 0) called at
> >> /usr/share/shorewall/Shorewall/Compiler.pm line 623
> >> Shorewall::Compiler::compiler('script', '', 'directory',
> >> '/etc/shorewall/', 'verbosity', 1, 'timestamp', 0, 'debug', ...) called
> >> at /usr/share/shorewall/compiler.pl <http://compiler.pl> line 134
> >> ERROR: Log level INFO requires LOG Target in your kernel and iptables
> >> at /usr/share/shorewall/Shorewall/Config.pm line 964
> >> Shorewall::Config::fatal_error('Log level INFO requires LOG
> >> Target in your kernel and iptables') called at
> >> /usr/share/shorewall/Shorewall/Config.pm line 3376
> >> Shorewall::Config::require_capability('LOG_TARGET', 'Log level
> >> INFO', 's') called at /usr/share/shorewall/Shorewall/Config.pm line 2532
> >> Shorewall::Config::validate_level('info') called at
> >> /usr/share/shorewall/Shorewall/Chains.pm line 5174
> >> Shorewall::Chains::log_rule_limit('info', 'HASH(0xa56eb60)',
> >> 'sfilter', 'DROP', '', '', 'add', '') called at
> >> /usr/share/shorewall/Shorewall/Chains.pm line 5256
> >> Shorewall::Chains::log_rule('info', 'HASH(0xa56eb60)', 'DROP',
> >> '') called at /usr/share/shorewall/Shorewall/Misc.pm line 713
> >> Shorewall::Misc::add_common_rules(0) called at
> >> /usr/share/shorewall/Shorewall/Compiler.pm line 696
> >> Shorewall::Compiler::compiler('script', '', 'directory',
> >> '/etc/shorewall/', 'verbosity', 1, 'timestamp', 0, 'debug', ...) called
> >> at /usr/share/shorewall/compiler.pl <http://compiler.pl> line 134
> >
> > S_FILTER_LOG_LEVEL defaults to 'info', so you need to change iot.
>
> The attached simple patch will catch cases like this.
>
> patch /usr/share/shorewall/Shorewall/Config.pm < DEFAULT_LOG.patch
>
> It applies with an offset on 4.5.5.3.
>
> -Tom
>
> --
> Tom Eastep \ When I die, I want to go like my Grandfather who
> Shoreline, \ died peacefully in his sleep. Not screaming like
> Washington, USA \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>
> ------------------------------------------------------------------------------
> Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
> Discover the easy way to master current and previous Microsoft technologies
> and advance your career. Get an incredible 1,500+ hours of step-by-step
> tutorial videos with LearnDevNow. Subscribe today and save!
> http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
------------------------------------------------------------------------------
Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more!
Discover the easy way to master current and previous Microsoft technologies
and advance your career. Get an incredible 1,500+ hours of step-by-step
tutorial videos with LearnDevNow. Subscribe today and save!
http://pubads.g.doubleclick.net/gampad/clk?id=58041391&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
