search for: shorewall_logging

http://shorewall.net/pub/shorewall/Alpha/shorewall-2.0.0 ftp://shorewall.net/pub/shorewall/Alpha/shorewall-2.0.0 See if this change to proxy arp is more palatable. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net

I want to use fprobe-ulog (http://fprobe.sourceforge.net/) to generate NetFlow information about traffic going through my router. The question is how to get the logging rules added to the appropriate chains (I''m assuming eth2_in and eth2_out in my case)? I''m using the perl version of shorewall 4.0.6. -- Orion Poplawski Technical Manager 303-415-9701

Hi Tom and list, Still trying to set up Shorewall logging. I understand that Shorewall require syslog to get logging working, however I have metalog. Is this possible to use metalog as logging facility for Shorewall? I was reading http://www.shorewall.net/shorewall_logging.html and it describes other method ( ULOG ). I understand that I have to compile ULOG support in the kernel... where do I find it in kernel build options? Alex.

On 28/07/2010 15:45, shorewall-users-request@lists.sourceforge.net wrote: > On 7/28/10 1:50 AM, Andrea Perdicchia wrote: > >> > Hi all, >> > Is possible log mac address in shorewall? >> > I try all configuration "debug,info..." in /etc/shorewall/shorewall.conf >> > but in /var/log/messages the log show only few information and not mac

...nothing is printed on the logs. I try, for example, to do a connection to a port that is opened on the server but closed by the FW and I get a connection refused. If I stop the firewall, this port is accesible from the outside. I think I''ve followed all the steps on http://shorewall.net/shorewall_logging.html : 1) I''ve installed ulog 0.97-1, and configured it so it logs on /var/log/ulog.log 2) I''ve modified each appearance of "info" to "ULOG" in my config st3:/etc/shorewall# grep ULOG * policy:net all REJECT ULOG policy:all...

Hello all I wanted to forward all incoming requests in port 80 to a server in my LAN, and by using DNAT lines, it actually works. However, it is unstable, in the sense that in the beggining of each connection (one or two seconds) it is extremely fast, then it sometimes pauses and waits 30 seconds or so, then it starts again and so on. The line i used is : DNAT net loc:192.168.0.210 tcp 80 DNAT

Good day, I have gone through a couple of the HOWTO''s on how to get this to work, but I am still sitting with a very strange (for me) issue. If two clients connect via OpenVPN (bridged), they can access each other without any problems, but neither of them can access the server, nor any system behind it. I am fairly sure it is a Shorewall issue, but I am very new to Shorewall, having

Is it possible to define a file log such as for example /dev/tty2 in the configuration of shorewall. greetings.

hi, if i would like to use ulog (in order to split netfilter messages from other kernel messages), than i have to set all loglevel to ULOG? and then is there any way to define diferent loglevel for eg. maclist? thanks in advance. yours. ps. it''s a bit confusing that all loglevel parameter name is LOG_LEVEL except BLACKLIST_LOGLEVEL:-( -- Levente

OK. Let me preface by saying I''ve read http://www.shorewall.net/shorewall_logging.html; http://www.shorewall.net/FAQ.htm -- FAQs 6,6a,tb,tc,6d,16,17 and 21; http://marc.theaimsgroup.com/?l=gentoo-security&m=106040714910563&w=2; http://www.shorewall.net/troubleshoot.htm; man syslog; man 3 syslog; man syslogd; man klogd; man printk; man dmesg; skimmed through all o...

Hello, I changed the log path in shorewall.conf, LOGFILE=/var/log/messages to LOGFILE=/var/log/shorewall, and then I touched the shorewall file in /var/log, permission root:root 600, after shorewall restart, no logging messages appear in /var/log/shorewall. so how can I fix this problem ? Thanks !! _______________________________________ YM - 離線訊息

Hi there, I''m total stuck in this. I have NO problems, with controlling port 80, 22, 21 and other TCP ports. But to open UDP port 27960 is very difficult for me, I''ve searched google, but can''t find a solution, therefore I ask the experts in here. My OS is Debian Etch 64 bit # uname -a Linux sauron 2.6.18-6-amd64 #1 SMP Fri Jun 6 05:24:08 UTC 2008 x86_64 GNU/Linux

Dear newfound friends, please be patient. For me reading and writing in English is more painful than dissecting IP traces :) I have tried reading through the FAQ but could not quite understand: I would like the logs to be terser. I think I can live without MAC, LEN, TOS, PREC, TTL, ID fields normally (maybe need them only in special situations). Could not understand if/how I can achieve this.

hi all, i have a classic net topology with two local zone, a firewall/router with dsl connection loc1 (192.168.11.0/24) ----- fw ----- net loc2 (192.168.12.0/24) now on the local zone 1 (on a WinXP machine) i have installed OpenVPN 2.x to make a test connection with a company. OpenVPN is configured as client to use tun on udp port 10000 with ip 10.0.0.2, on the other

I have a fedora 3 with postfix and apache apache is ok, webmin is fine, etc no 25 or 110 ? kevin Jan 4 15:47:13 ibm kernel: Shorewall:net2fw:ACCEPT:IN=eth0 OUT= MAC=00:06:29:33 :e8:7e:00:02:3b:00:02:c4:08:00 SRC=67.127.200.22 DST=4.11.105.55 LEN=40 TOS=0x00 PREC=0x00 TTL=44 ID=33681 PROTO=TCP SPT=57621 DPT=25 WINDOW=2048 RES=0x00 SYN U RGP=0 Jan 4 15:47:20 ibm kernel:

Hi, I have 2 Debian testing boxes running a very similar setup (both running the latest aptosid kernel); on one of them, since the iptables/libxtables10 packages have been upgraded from 1.4.19.1-1 to 1.4.20-2, shorewall-init can''t start shorewall anymore and for this reason ifupdown also fails triggering firewall up. Shorewall can be successfully started later on, and ifupdown starts

Hi, Trying to figure out why I cannot get access to dell.com Their site is up because I can browse using a different firewall. Trying to find out where the logs are located and what log files it would write to if it were to deny browsing to a website. I can see the [UNREPLIED] when using the shorewall status. Was hoping to know what logfile it is writing it to. Thanks in advance, Elmer