On Fri, 9 Aug 2002, Ken wrote:
> I have log messages due to rule errors and would like to clear those
> messages (shorewall show log) or does it get cleared if I restart the
> process?
>
Ken -- you need to understand what Shorewall is (and is not):
a) Shorewall is a set of shell scripts that configures the Netfilter
packet filter (part of the Linux 2.4 kernels); it also configures a bit of
routing and traffic shaping if you've included the appropriate
specifications in Shorewall's configuration files.
b) Once the "shorewall start" command completes, there is NOT A SINGLE
INSTRUCTION OF SHOREWALL CODE LEFT RUNNING.
c) Netfilter is part of the kernel so it logs its messages using the
kernel's logging facility. These messages are forwarded through the
Kernel Log Daemon (klogd) and passed on to the system log daemon "syslogd".
That daemon uses the specifications in /etc/syslog.conf to direct messages to
various destinations based on a "facility" and "log level". For netfilter
messages, the "facility" is always "kernel" and the "log level" is
determined by Shorewall specifications.
d) In my examples and sample configurations, I almost always use "info" as
the "log level" so Shorewall messages are directed to kernel.info ALONG
WITH ALL OF THE OTHER MESSAGES LOGGED IN THIS WAY.
So in summary, there is no "Shorewall log" -- there are only Shorewall
messages in one or more of syslogd's logs.
I've never felt the need to rotate syslog's logs since it's done
automatically by cron scripts but if you want to experiment, you can start
with "man logrotate".
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
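Since the Shorewall messages share the kernel.info log with everything else, a defender usually wants to pull just those lines back out and summarise them. The script below is an added example, not Tom's or the project's code; the syslog lines are constructed, and the `Shorewall:<chain>:<disposition>:` log prefix format is an assumption.

```shell
#!/bin/sh
# Constructed sample of a syslog file receiving kern.info messages. The
# "Shorewall:<chain>:<disposition>:" prefix is assumed; real files will
# mix these with unrelated kernel and daemon messages, as here.
SAMPLE_LOG='Aug  9 10:00:01 fw kernel: Shorewall:net2fw:DROP:IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.1 PROTO=TCP SPT=4444 DPT=23
Aug  9 10:00:02 fw kernel: Shorewall:net2fw:DROP:IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.1 PROTO=TCP SPT=4445 DPT=22
Aug  9 10:00:03 fw kernel: Shorewall:net2fw:REJECT:IN=eth0 OUT= SRC=192.0.2.77 DST=198.51.100.1 PROTO=UDP SPT=53 DPT=1024
Aug  9 10:00:04 fw sshd[123]: Accepted publickey for tom from 10.0.0.5
Aug  9 10:00:05 fw kernel: Shorewall:fw2net:ACCEPT:IN= OUT=eth0 SRC=198.51.100.1 DST=192.0.2.50 PROTO=TCP SPT=40000 DPT=80'

# Read syslog text on stdin and emit "count chain disposition src" lines
# for Shorewall messages only, most frequent first. Non-Shorewall lines
# (the sshd entry above) are ignored.
shorewall_summary() {
    grep 'kernel: Shorewall:' |
    sed -n 's/.*Shorewall:\([^:]*\):\([^:]*\):.*SRC=\([^ ]*\).*/\1 \2 \3/p' |
    sort | uniq -c | sort -rn |
    awk '{print $1, $2, $3, $4}'
}

# Source addresses with at least N non-ACCEPT entries (N defaults to 2):
# a simple "who keeps hitting the firewall" view for a quick look.
noisy_sources() {
    threshold=${1:-2}
    shorewall_summary | awk -v t="$threshold" '$3 != "ACCEPT" && $1 >= t {print $4}'
}

# Usage: printf '%s\n' "$SAMPLE_LOG" | shorewall_summary
#        printf '%s\n' "$SAMPLE_LOG" | noisy_sources 2
```

Replace the embedded sample with `cat /var/log/messages` (or whichever file your /etc/syslog.conf sends kern.info to) to run it against a real log.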