Displaying 20 results from an estimated 21 matches for "maclist_log_level".
2002 Dec 22
2
maclist option -> sorry good ver.
Setting up MAC Verification on eth0...
Error: Interface eth0 must be up before Shorewall can start
my :
/etc/shorewall/shorewall.conf:
MACLIST_DISPOSITION=REJECT
MACLIST_LOG_LEVEL=info
interfaces:
#ZONE INTERFACE BROADCAST OPTIONS
net ppp0 217.96.90.242 noping
loc eth0 255.255.255.0 routestopped,maclistmaclist:
maclist:
#INTERFACE MAC IP ADDRESSES (Optional)
eth0 00:30:4F:19:73:0C 192.168.1.2
eth0...
2006 Oct 23
3
command not found error
I am running version 3.0.7 of Shorewall on a Debian Sarge system, but when I
start Shorewall I get this:
/usr/share/shorewall/firewall: line 204: 4: command not found
I looked there and found this:
# Run ip and if an error occurs, stop the firewall and quit
#
run_ip() {
if ! ip $@ ; then
if [ -z "$STOPPING" ]; then
error_message "ERROR: Command \"ip
2003 Aug 12
1
Shorewall Keeps sending false IP Address Conflict
...RATE=
+ LOGBURST=
+ LOGPARMS=
+ ADD_IP_ALIASES=
+ ADD_SNAT_ALIASES=
+ TC_ENABLED=
+ LOGUNCLEAN=
+ BLACKLIST_DISPOSITION=
+ BLACKLIST_LOGLEVEL=
+ CLAMPMSS=
+ ROUTE_FILTER=
+ NAT_BEFORE_RULES=
+ DETECT_DNAT_IPADDRS=
+ MUTEX_TIMEOUT=
+ NEWNOTSYN=
+ LOGNEWNOTSYN=
+ FORWARDPING=
+ MACLIST_DISPOSITION=
+ MACLIST_LOG_LEVEL=
+ TCP_FLAGS_DISPOSITION=
+ TCP_FLAGS_LOG_LEVEL=
+ RFC1918_LOG_LEVEL=
+ MARK_IN_FORWARD_CHAIN=
+ SHARED_DIR=/usr/share/shorewall
+ FUNCTIONS=
+ VERSION_FILE=
+ LOGFORMAT=
+ LOGRULENUMBERS=
+ stopping=
+ have_mutex=
+ masq_seq=1
+ nonat_seq=1
+ aliases_to_add=
+ TMP_DIR=/tmp/shorewall-25579
+ rm -rf...
2002 Dec 22
0
with maclist option can''t start
Setting up MAC Verification on eth0...
Error: Interface eth0 must be up before Shorewall can start
my :
/etc/shorewall/shorewall.conf:
MACLIST_DISPOSITION=REJECT MACLIST_LOG_LEVEL=infointerfaces:#ZONE
INTERFACE BROADCAST OPTIONSnet ppp0 217.96.90.242
nopingloc eth0 255.255.255.0
routestopped,maclistmaclist:#INTERFACE MAC
IP ADDRESSES (Optional)eth0 00:30:4F:19:73:0C
192.168.1.2 eth0 00:30:4F:19:6E:EF
192.1...
2014 Nov 22
0
[Bug 977] ulogd_inppkt_NFLOG.c:503 forcing unbind of existing log handler for protocol
...umed.
The second number specifies the maximum number of bytes to copy. If
omitted, 0 (no limit) is assumed.
The third number specifies the number of log messages that should
be buffered in the kernel before they are sent to user space. The
default is 1.
Examples:
/etc/shorewall/shorewall.conf:
MACLIST_LOG_LEVEL=NFLOG(1,0,1)
So I now added in to my shorewall NFLOG(1,0,1), which if I'm understanding this
correct, the first 1 gives me group 1 which I believe is what you said I need.
And now with this setting I'm seeing logging... :)
In ulog.conf I'm using;
stack=log2:NFLOG,base1:BASE,ifi1:IFIN...
2003 Mar 21
1
Shorewall config format
Hi,
I''m a long time shorewall user and I like it very much. There is only
one thing were I''m not always happy with: the config files.
There has been discussion on the list about the comments in the files.
My concern is that I loose overview over my configuration because of the
many config files. Of course there are advantages too but I thinking
wether another config format would
2005 Mar 10
7
norfc1918 not working in SW 2.2.1?
...orewall/shorewall.conf
=======================================================
[root@hn00dmz01 maint]# grep -v -e "^#" -e "^$"
/etc/shorewall/shorewall.conf
LOGFILE=/var/log/messages
LOGFORMAT="Shorewall:%s:%s:"
LOGRATE=
LOGBURST=
BLACKLIST_LOGLEVEL=
LOGNEWNOTSYN=info
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
BOGON_LOG_LEVEL=info
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=/var/lock/subsys/shorewall
STATEDIR=/var/lib/shorewall
MODULESDIR=
CONFIG_PATH=/etc/shorewall/action:/e...
2007 Nov 20
3
Shorewall 4.1.0
...es the maximum number of bytes to copy. If
omitted, 0 (no limit) is assumed.
The third number specifies the number of log messages that should
be buffered in the kernel before they are sent to user space. The
default is 1.
Examples:
/etc/shorewall/shorewall.conf:
MACLIST_LOG_LEVEL=NFLOG(1,0,1)
/etc/shorewall/rules:
ACCEPT:NFLOG(1,0,1) vpn fw tcp ssh,time,631,8080
5) Shorewall-perl 4.1.0 implements an alternative syntax for macro
parameters and for the NFQUEUE queue number. Rather than following
the macro name (or NFQUEUE) with a slash ("/")...
2006 Aug 29
3
masq problem
...stopped:
eth2 x.x.x.x
eth2 y.y.y.y
zones:
fw firewall
net ipv4
loc ipv4
shorewall.conf: (i think it''s default but not shure)
STARTUP_ENABLED=Yes
LOGFILE=/var/log/messages
LOGFORMAT="Shorewall:%s:%s:"
LOGTAGONLY=No
LOGRATE=
LOGBURST=
LOGALLNEW=
BLACKLIST_LOGLEVEL=
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
LOG_MARTIANS=No
IPTABLES=
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=""
MODULESDIR=
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
RESTOREFILE=
IPSECFILE=zo...
2007 Nov 10
2
Access Point with Ethernet.
...et fw tcp 21,25,37,80,110,113,995,1024:3127,3129:65535
ACCEPT net fw udp 37,123,1024:65535
ACCEPT loc fw tcp 25,123,631
/etc/shorewall/shorewall.conf:
LOGFILE=/var/log/messages
LOGFORMAT="Shorewall:%s:%s:"
LOGTAGONLY=No
LOGRATE=
LOGBURST=
LOGALLNEW=
BLACKLIST_LOGLEVEL=
LOGNEWNOTSYN=info
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
BOGON_LOG_LEVEL=info
LOG_MARTIANS=No
IPTABLES=
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=""
STATEDIR=/var/lib/shorewall
MODULESDIR=
CONFIG_PATH=/etc/shorewa...
2005 Apr 19
14
allow ssh access from net to fw?
...#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
SHOREWALL.CONF:
----------------------------------------------------------------------------
------------------
LOGFILE=/var/log/firewall
LOGFORMAT="Shorewall:%s:%s:"
LOGRATE=
LOGBURST=
BLACKLIST_LOGLEVEL=
LOGNEWNOTSYN=info
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=/var/lock/subsys/shorewall
STATEDIR=/var/lib/shorewall
MODULESDIR=
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
RESTOREFI...
2009 Jun 27
1
Transparent Proxy Problem with Squid3 and Shorewall
...rewall
net ipv4
loc ipv4
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
And finally shorewall.conf:
STARTUP_ENABLED=Yes
VERBOSITY=1
SHOREWALL_COMPILER=
LOGFILE=/var/log/messages
LOGFORMAT="Shorewall:%s:%s:"
LOGTAGONLY=No
LOGRATE=
LOGBURST=
LOGALLNEW=
BLACKLIST_LOGLEVEL=
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
LOG_MARTIANS=No
IPTABLES=
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=""
MODULESDIR=
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
RESTOREFILE=
IPSECFILE=zo...
2013 Jun 13
3
"Multiple Internet Connections" with four interfaces
Hi,
I was reading document http://shorewall.net/MultiISP.html#idp3634200.
Inspired by the document I was trying to establish the following changes:
* one additional interface: COMA_IF
* COM[A,B,C]_IF interfaces request IP address via DHCP
* all non-RFC 1918 destined trafic is NATed from INT_IF to COMA_IF
* all non-RFC 1918 destined trafic from GW is routed via COMB_IF by default
* non-RFC 1918
2013 Aug 31
23
ERROR: Log level INFO requires LOG Target in your kernel and iptables
Hi,
I have 2 Debian testing boxes running a very similar setup (both running
the latest aptosid kernel); on one of them, since the
iptables/libxtables10 packages have been upgraded from 1.4.19.1-1 to
1.4.20-2, shorewall-init can''t start shorewall anymore and for this
reason ifupdown also fails triggering firewall up.
Shorewall can be successfully started later on, and ifupdown starts
2004 Oct 29
8
No entries in the syslog, even though the LOG chains show counts
...irewall is for its own services only.
My shorewall.conf, without comments, is as follows:
$ egrep -v ''^( *#)|^$'' shorewall.conf
LOGFILE=/var/log/messages
LOGFORMAT="Shorewall:%s:%s:"
LOGLIMIT=""
LOGBURST=""
BLACKLIST_LOGLEVEL=info
LOGNEWNOTSYN=info
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
BOGON_LOG_LEVEL=info
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=""
STATEDIR=/var/lib/shorewall
MODULESDIR=
CONFIG_PATH=/etc/shorewall:/usr/share/shorewall
RE...
2013 Sep 10
6
lsm configuration issues...
...------------
/etc/shorewall/shorewall.conf
----------------------------------------------------------------------
STARTUP_ENABLED=Yes
VERBOSITY=1
BLACKLIST_LOGLEVEL=
LOG_MARTIANS=Yes
LOG_VERBOSITY=2
LOGALLNEW=
LOGFILE=/var/log/messages
LOGFORMAT="Shorewall:%s:%s:"
LOGTAGONLY=No
LOGLIMIT=
MACLIST_LOG_LEVEL=info
RELATED_LOG_LEVEL=
SFILTER_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
STARTUP_LOG=/var/log/shorewall-init.log
TCP_FLAGS_LOG_LEVEL=info
CONFIG_PATH="${CONFDIR}/shorewall:${SHAREDIR}/shorewall"
GEOIPDIR=/usr/share/xt_geoip/LE
IPTABLES=
IP=
IPSET=
LOCKFILE=
MODULESDIR=
PATH="/sbin:/bin:/u...
2005 Jan 08
8
Shorewall problem, perhaps with PPPoE
I have what strikes me as an odd problem with shorewall.
Let me describe my setup.
My desktop (alfred) is connected to the network
through an ADSL modem.
I am running rp-pppoe, and this works perfectly.
I have a small home network, with two LANs;
an Ethernet LAN (including a machine running Windows XP),
and a WiFi LAN, including the laptop (william) I am using now.
All the computers except for
2004 Dec 04
7
vpn-zone wide open
...172.21.0.0/16 all
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
------------------------------------------------------
* /etc/shorwall/shorewall.conf
LOGFILE=/var/log/messages
LOGFORMAT="Shorewall:%s:%s:"
LOGRATE=
LOGBURST=
BLACKLIST_LOGLEVEL=
LOGNEWNOTSYN=info
MACLIST_LOG_LEVEL=info
TCP_FLAGS_LOG_LEVEL=info
RFC1918_LOG_LEVEL=info
SMURF_LOG_LEVEL=info
BOGON_LOG_LEVEL=info
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin
SHOREWALL_SHELL=/bin/sh
SUBSYSLOCK=/var/lock/subsys/shorewall
STATEDIR=/var/lib/shorewall
MODULESDIR=
CONFIG_PATH=/etc/shorewall:/usr/shar...
2003 Mar 23
12
Shorewall 1.4.1
This is a minor release of Shorewall.
WARNING: This release introduces incompatibilities with prior releases.
See http://www.shorewall.net/upgrade_issues.htm.
Changes are:
a) There is now a new NONE policy specifiable in
/etc/shorewall/policy. This policy will cause Shorewall to assume that
there will never be any traffic between the source and destination
zones.
b) Shorewall no longer
2005 May 31
11
More Tests for 2.4.0-RC2 - strange behaviour
...+ LOGRATE=
+ LOGBURST=
+ LOGPARMS=
+ LOGLIMIT=
+ ADD_IP_ALIASES=
+ ADD_SNAT_ALIASES=
+ TC_ENABLED=
+ BLACKLIST_DISPOSITION=
+ BLACKLIST_LOGLEVEL=
+ CLAMPMSS=
+ ROUTE_FILTER=
+ LOG_MARTIANS=
+ DETECT_DNAT_IPADDRS=
+ MUTEX_TIMEOUT=
+ NEWNOTSYN=
+ LOGNEWNOTSYN=
+ FORWARDPING=
+ MACLIST_DISPOSITION=
+ MACLIST_LOG_LEVEL=
+ TCP_FLAGS_DISPOSITION=
+ TCP_FLAGS_LOG_LEVEL=
+ RFC1918_LOG_LEVEL=
+ BOGON_LOG_LEVEL=
+ MARK_IN_FORWARD_CHAIN=
+ SHARED_DIR=/usr/share/shorewall
+ FUNCTIONS=
+ VERSION_FILE=
+ LOGFORMAT=
+ LOGRULENUMBERS=
+ ADMINISABSENTMINDED=
+ BLACKLISTNEWONLY=
+ MODULE_SUFFIX=
+ ACTIONS=
+ USEDACTIONS=
+ SMU...