search for: ulog

Dear all: Im using shorewall 2.0.3a (debian) w/ ULOG. shorewall starts ok, and the firewall is running, but nothing is printed on the logs. I try, for example, to do a connection to a port that is opened on the server but closed by the FW and I get a connection refused. If I stop the firewall, this port is accesible from the outside. I think I'...

I want to use fprobe-ulog (http://fprobe.sourceforge.net/) to generate NetFlow information about traffic going through my router. The question is how to get the logging rules added to the appropriate chains (I''m assuming eth2_in and eth2_out in my case)? I''m using the perl version of shorewall 4.0.6....

...AT working on the router to map virtual ip/port to realip/realport. That all works fine. For axample: users connecting to 192.168.1.129:80 are brought to 192.168.1.2:80 users connecting to 192.168.1.145:80 are brought to 192.168.1.2:81 I have to put all traffic I need for accounting to "-j ULOG --ulog-nlgroup 10". And, packets should have ips seen to users. For axample: 10.10.102.50 -> 192.168.1.145:80 192.168.1.145:80 -> 10.10.102.50 and 10.10.102.50 -> 192.168.1.129:80 192.168.1.129:80 -> 10.10.102.50 BUT, instead I have: 10.10.102.50 -> 192.168.1.145:80 192...

...rently using an up-to-date installation of Debian Sid, which has shorewall 4.2.10, shorewall-shell 4.2.10 and shorewall-perl 4.2.10.1. I noticed that even though I had the following /etc/shorewall/policy file, iptables would still show LOG rules at the end of the INPUT and OUTPUT chains instead of ULOG rules. (Other logging related rules have ULOG as expected.) === 8< === #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST $FW net ACCEPT - net $FW DROP ULOG all all DROP ULOG === >8 === For the record, I have every log-level related option in /etc/shorewall/shorewall.conf set to ULOG. A...

...switched off my (lame) hardware firewall onto an old box running linux 2.4.18, iptables 1.2.6 and shorewall 1.2.9. I''m kinda new to linux firewalling myself but so far Shorewall has taken much work from me. While reading myself into iptables I saw that just recently something called ULOG (userspace logging) has been implemented in newer kernels and iptables. I''d be very interested to use ULOG in combination with shorewall as the firewall box only has about 20megs free space for logging (and didn''t like my hdupgrade attempts either). If I could have ipta...

I''m noticing some weirdness in my ulog files with version 2.0.10. Here is a portion of the log: Jan 7 11:01:37 rancor Shorewall:loc2fw:AllowWOL: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:95:b2:11:4c:08:00 SRC=192.168.0.100 DST=192.168.0.255 LEN=97 TOS=00 PREC=0x00 TTL=64 ID=44155 CE PROTO=UDP SPT=631 DPT=631 LEN=77 Jan 7 11:...

Hello, I installed my linux server for 3 months now. It does almost everything (dns, web & mail server, firewall ...). I just encounterd two problems with the firewall: behind this server there are 2 computers: i got emule on one and msn on the other. The problem is that I can''t configure well the firewall fore these 2 rules. I''ve added DNAT rules but it

....2.0/24 dev eth2 scope link 192.168.1.0/24 dev eth1 scope link 192.168.0.0/16 via 210.23.146.137 dev ipsec0 127.0.0.0/8 dev lo scope link default via 210.23.146.137 dev eth0 Shorewall is using one-to-one nat. loc net ACCEPT net all DROP ULOG all all DROP ULOG loc vpn ACCEPT ULOG vpn loc ACCEPT ULOG vpn fw ACCEPT ULOG fw vpn ACCEPT ULOG Office 2: Routing: 203.221.216.10...

http://bugzilla.netfilter.org/show_bug.cgi?id=748 Summary: Range check for ulog-cprange is wrong Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: normal Priority: P5 Component: iptables AssignedTo: netfilter-buglog at lists.netfilter.org Re...

https://bugzilla.netfilter.org/show_bug.cgi?id=986 Bug ID: 986 Summary: ulogd fails to build against linux headers >= 3.17.0 due to ULOG target removal Product: ulogd Version: SVN (please provide timestamp) Hardware: x86_64 OS: Gentoo Status: NEW Severity: major Priority:...

...MBERS and another almost identical case without) down to this slightly shorter version with no duplication (excerpt): if [ -n "$LOGRULENUMBERS" ]; then eval rulenum=\$${chain}_logrules [ -z "$rulenum" ] && rulenum=1 fi case $level in ULOG) log=ulog LOGTYPE=ULOG loglevel= ;; *) log=log LOGTYPE=LOG loglevel="--log-level $level" ;; esac eval iptables -A $chain $@ $limit -j $LOGTYPE $LOGPARMS \ $loglevel \ --${log}-prefix ''"$(Logprintf "$LOGFORMAT" $chain $rulenum $disp...

hi, if i would like to use ulog (in order to split netfilter messages from other kernel messages), than i have to set all loglevel to ULOG? and then is there any way to define diferent loglevel for eg. maclist? thanks in advance. yours. ps. it''s a bit confusing that all loglevel parameter name is LOG_LEVEL except BLA...

https://bugzilla.netfilter.org/show_bug.cgi?id=921 Summary: log, ulog and nflog: command-line parameters are not supported Product: nftables Version: unspecified Platform: x86_64 OS/Version: All Status: NEW Severity: normal Priority: P5 Component: nft Assigned...

...68.11.255 dhcp --masq-- eth0 192.168.10.0/24 eth0 192.168.11.0/24 --routestopped-- eth1 - eth2 - --policy-- loc net ACCEPT fw net ACCEPT dmz net ACCEPT ULOG net all DROP ULOG all all REJECT ULOG --rules-- ACCEPT fw net tcp 53 ACCEPT fw net udp 53 ACCEPT loc fw tcp 53 ACCEP...

--/aVve/J9H4Wl5yVO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Everybody! I had to change the ulog.patch in recent patch-o-matic to use a different netlink family (it's now 5 instead of 4). This means, you will have to recompile your ulogd or any other application in order to make it work. That's also why I have removed all binary ulogd packages from gnumonks.org and netfilter.org. So...

Hi, I''m using following rule in /etc/shorewall/rules REJECT:ULOG:P2P loc net ipp2p:all ipp2p iptables -L : Chain loc2net (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ULOG all -- anywhere anywhere ipp2p v0...

Anywhere that a syslog level can appear, you can now specify ULOG (must be upper case) and logging will occur to the ulog target. You can download ulogd from http://www.gnumonks.org/projects/ulogd. Only the ''firewall'' file is required. None of the comments in the other config files are updated yet but I''m working on it. -Tom -- Tom...

Going deeper on last post "[Shorewall-users] logging", I found a very nice package that handles ULOG messages in a web interface, where you can browse the events from a MySql database produced by ULOGD. Real time. The name is: ULOGD-PHP From the site: ------------------------------------------- ulogd-php is able to : show the last hosts that broke packets on your firewall. show the last ports...

http://bugzilla.netfilter.org/show_bug.cgi?id=600 Summary: ULOG target does not support --log-uid Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P1 Component: iptables AssignedTo: laforge at netfilter.org...

Hi, I have a legal requirement to log all connections and I will use ULOG to log all ACCEPTED conenctions. However it is so much easier to look at text log file compared to binary log file. So I would like to log DROPPED/REJECTED packets with SYSLOG for rule testing/debuging purposes. Is it possible to use both ULOG for ACCEPTED packets and SYSLOG for DROPPED packets?...