Shorewall users - Dec 2006 - Faq Fodder?

Later versions of SUSE seem to use syslog-ng by default, which sends
all your shorewall loggings to /var/log/firewall instead of 
/var/log/messages.

If you configure shorewall late at night or early morning or any 
other
time when synapes are suppressed you will fail to recognise this
fact till you have fiddled with every shorewall file twice and still
can''t get anything in /var/log/messages or "shorewall hits".

Maybe a FAQ 16a would head off a lot of head scratching as more
distros adopt syslog-ng.  Something along the lines of:
 "Why can''t I see any Shorewall messages in
/var/log/messages"
  
The actual log file name will likely not be well standardized, but
anytime you see no logging even with verbosity=3 its time to 
look outside the shorewall configuration for the cause.


-- 
______________________________________
John Andersen
NORCOM / Juneau, Alaska
http://www.screenio.com/
(907) 790-3386

.

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net''s Techsay panel and you''ll get the chance
to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

John S. Andersen wrote:
>
> 
> Maybe a FAQ 16a would head off a lot of head scratching as more
> distros adopt syslog-ng.
Added.

Thanks,
-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key



-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net''s Techsay panel and you''ll get the chance
to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV