I wonder if there is a way to turn off ALL logging of the shorewall
operation. I have adjusted the shorewall.conf file to show minimum
logging but still I am getting lots of data being recorded. For example,
here is a small quote with logging set at a minimum..
Dec 13 11:33:31 linux kernel: Shorewall:net2all:DROP:IN=eth0
OUTMAC=00:50:da:92:bb:20:00:07:0d:af:dc:8c:08:00 SRC=63.163.93.201
DST=24.224.134.132 LEN=276 TOS=0x00 PREC=0x00 TTL=109 ID=31457 PROTO=93
Dec 13 11:33:31 linux kernel: Shorewall:net2all:DROP:IN=eth0
OUTMAC=00:50:da:92:bb:20:00:07:0d:af:dc:8c:08:00 SRC=63.163.93.201
DST=24.224.134.132 LEN=276 TOS=0x00 PREC=0x00 TTL=109 ID=31458 PROTO=93
Dec 13 11:33:31 linux kernel: Shorewall:net2all:DROP:IN=eth0
OUTMAC=00:50:da:92:bb:20:00:07:0d:af:dc:8c:08:00 SRC=63.163.93.201
DST=24.224.134.132 LEN=276 TOS=0x00 PREC=0x00 TTL=109 ID=31459 PROTO=93
Dec 13 11:33:31 linux kernel: Shorewall:net2all:DROP:IN=eth0
OUTMAC=00:50:da:92:bb:20:00:07:0d:af:dc:8c:08:00 SRC=63.163.93.201
DST=24.224.134.132 LEN=276 TOS=0x00 PREC=0x00 TTL=109 ID=31460 PROTO=93
Dec 13 11:33:31 linux kernel: Shorewall:net2all:DROP:IN=eth0
OUTMAC=00:50:da:92:bb:20:00:07:0d:af:dc:8c:08:00 SRC=63.163.93.201
DST=24.224.134.132 LEN=276 TOS=0x00 PREC=0x00 TTL=109 ID=31461 PROTO=93
Dec 13 11:33:31 linux kernel: Shorewall:net2all:DROP:IN=eth0
OUTMAC=00:50:da:92:bb:20:00:07:0d:af:dc:8c:08:00 SRC=63.163.93.201
DST=24.224.134.132 LEN=276 TOS=0x00 PREC=0x00 TTL=109 ID=31462 PROTO=93
Dec 13 11:33:31 linux kernel: Shorewall:net2all:DROP:IN=eth0
OUTMAC=00:50:da:92:bb:20:00:07:0d:af:dc:8c:08:00 SRC=63.163.93.201
DST=24.224.134.132 LEN=276 TOS=0x00 PREC=0x00 TTL=109 ID=31463 PROTO=93
Dec 13 11:33:31 linux kernel: Shorewall:net2all:DROP:IN=eth0
OUTMAC=00:50:da:92:bb:20:00:07:0d:af:dc:8c:08:00 SRC=63.163.93.201
DST=24.224.134.132 LEN=276 TOS=0x00 PREC=0x00 TTL=109 ID=31464 PROTO=93
Dec 13 11:33:31 linux kernel: Shorewall:net2all:DROP:IN=eth0
OUTMAC=00:50:da:92:bb:20:00:07:0d:af:
Any thoughts?
---
I used to be Snow White, but I drifted.
-- Mae West
Ted Gervais
Coldbrook Nova Scotia
Canada B4R1A7
On Saturday 13 December 2003 09:51 am, Ted Gervais wrote:> I wonder if there is a way to turn off ALL logging of the shorewall > operation. I have adjusted the shorewall.conf file to show minimum > logging but still I am getting lots of data being recorded. For example, > here is a small quote with logging set at a minimum..<log messages snipped>> > Any thoughts? >Yes -- please read FAQ 17. In your case, you also need to adjust the /etc/shorewall/policy file. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
On Sat, 13 Dec 2003, Tom Eastep wrote:> On Saturday 13 December 2003 09:51 am, Ted Gervais wrote: > > I wonder if there is a way to turn off ALL logging of the shorewall > > operation. I have adjusted the shorewall.conf file to show minimum > > logging but still I am getting lots of data being recorded. For example, > > here is a small quote with logging set at a minimum.. > > <log messages snipped> > > > > > Any thoughts? > > > > Yes -- please read FAQ 17. In your case, you also need to adjust the > /etc/shorewall/policy file.OK Tom. Thanks for your note. I had read that FAQ17 before but I guess I needed some more prompting to look at it again. What I did was to adjust my policy file whereby I removed''info'' as you see it below. That seems to have given me more control over the logging activities and hope I am on the right track. I had played with the burst element as well but that caused me more problems than I needed. So, with just the ''info'' removed from the policy file things seem to be ok.. fw net ACCEPT net all DROP info all all REJECT info peers fw ACCEPT fw peers ACCEPT --- Intuition, however illogical, is recognized as a command prerogative. -- Kirk, "Obsession", stardate 3620.7 Ted Gervais Coldbrook Nova Scotia Canada B4R1A7