I think that these messages are something that one would like logged. Surely restarting your firewall isn't something that happens often?

-- 
Todd J. Troxell
Student, Debian GNU/Linux Developer, SysAdmin, Geek
http://debian.org || http://rapidpacket.com/~xtat

> I think that these messages are something that one would like logged.
> Surely restarting your firewall isn't something that happens often?

Yes, it happens often. I cannot modify bind setting unless I first kill shorewall, I do not know why it's been like that but the rndc process cannot be reached although I have enabled all shorewall DNS ports. So,

    # shorewall stop
    # bind restart
    # shorewall start

is pretty usual situation for me. In addition, I do tweak shorewall rules very often, because I have requested new rules to it that are included in next upgrades. I also add or remove services, so shorewall needs restarts at least for following months. I think those start|stop messages could be ignored by logcheck.

Jari

On Wed, Sep 01, 2004 at 02:14:48PM +0300, Jari Aalto wrote:
> # shorewall stop
> # bind restart
> # shorewall start
>
> is pretty usual situation for me. In addition, I do tweak shorewall rules
> very often, because I have requested new rules to it that are included
> in next upgrades. I also add or remove services, so shorewall needs
> restarts at least for following months. I think those start|stop
> messages could be ignored by logcheck.

For you personally they may be good rules, but I have my doubts that these are good rules to ship with logcheck itself.

Perhaps if you could add them to your local rules this would be sufficient to stop you from being bothered by these logs, and would still allow other users of logcheck to see if their firewalls had stopped or started unexpectedly?

Steve
-- 
# The Debian Security Audit Project.
http://www.debian.org/security/audit