I am running Debian testing (lenny) and my "apt-get dist-upgrade"
upgraded to Shorewall v4.0.12 the other day. On the same day it upgraded the
kernel to 2.6.25-2. iptables is 1.4.0 and I don''t believe that was
changed. I''m not sure if the change I''m seeing is Shorewall
or the kernel.
What I''m seeing is the following:
Jul 16 12:16:21 rockenfield kernel: [191003.010600]
Shorewall:net2all:DROP:IN=eth0...
^^^^^^^^^^^^^^^^^^^ this is
new to me
What do these numbers represent? I think it might have something to do with the
PID but I''ve never seen it written in this format before. I
don''t see this mentioned anywhere in the Shorewall FAQ nor the mailing
list archives (but perhaps I searched for the wrong terms). None of the other
processes running on my machine have log entries in this format.
Also there is a stale link on the Shorewall Logging page
(http://www.shorewall.net/3.0/shorewall_logging.html). The link
(http://logi.cc/linux/netfilter-log-format.php3) at the bottom is stale/invalid.
Thanks,
-MikeD
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer''s
challenge
Build the coolest Linux based applications with Moblin SDK & win great
prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
PLEASE -- configure your mailer so that it breaks text lines at a reasonable length. Each paragraph in your post is one long line which makes it a complete PITA to respond to. Mike wrote:> I am running Debian testing (lenny) and my "apt-get dist-upgrade" upgraded> to Shorewall v4.0.12 the other day. On the same day it upgraded the> kernel to 2.6.25-2. iptables is 1.4.0 and I don''t believe that was changed.? I''m not sure if the change I''m seeing is Shorewall or the kernel. It''s not Shorewall and I don''t know what those number are; they don''t appear in log messages from syslog-ng on my SuSE boxes that run 2.6.25 kernels. Remember that Shorewall doesn''t produce there messages -- the kernel does. The only part that Shorewall controls is governed by the ''LOGFORMAT'' setting in Shorewall.conf.> > Also there is a stale link on the Shorewall Logging pageThanks. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer''s challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
On Wed, Jul 16, 2008 at 1:29 PM, Mike <miked@softtalker.com> wrote:> I am running Debian testing (lenny) and my "apt-get dist-upgrade" upgraded to Shorewall v4.0.12 the other day. On the same day it upgraded the kernel to 2.6.25-2. iptables is 1.4.0 and I don''t believe that was changed. I''m not sure if the change I''m seeing is Shorewall or the kernel.As Tom pointed out already, it''s the kernel that generates these lines. You should check with some Debian source on why that change was introduced, or you could probably compile your own kernel and turn it off again.> What I''m seeing is the following: > Jul 16 12:16:21 rockenfield kernel: [191003.010600] Shorewall:net2all:DROP:IN=eth0... > ^^^^^^^^^^^^^^^^^^^ this is new to me > > What do these numbers represent? I think it might have something to do with the PID but I''ve never seen it written in this format before. I don''t see this mentioned anywhere in the Shorewall FAQ nor the mailing list archives (but perhaps I searched for the wrong terms). None of the other processes running on my machine have log entries in this format.I think it represents some measurement of time since the machine booted.> Also there is a stale link on the Shorewall Logging page (http://www.shorewall.net/3.0/shorewall_logging.html). The link (http://logi.cc/linux/netfilter-log-format.php3) at the bottom is stale/invalid. > > Thanks, > -MikeD~David ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer''s challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/