similar to: shorewall 2.0.3a, (ULOG) doesn''t log anything

Hi, I''m using following rule in /etc/shorewall/rules REJECT:ULOG:P2P loc net ipp2p:all ipp2p iptables -L : Chain loc2net (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ULOG all -- anywhere anywhere ipp2p v0.8.2--ipp2p ULOG

Dear List! I use a shorewall 2.0.8 on a Debian sarge system. I use a DSL connection to the Internet (ppp0 - eth1 to the modem) and a bridge to the local lan. The bridged config i''ve made with bridge.html from the shorewall site. The Bridge is between local net and a openvpn tap device. This works. I ccan make tunnels, and a can make a lot of things through the firewall. I can get a list

Hi, I''m running Slackware 13.37 x86 using Shorewall 4.4.21 with OpenVPN and the VPN options I''m using in Slackware 13.37 will not work in Shorewall, but in Slackware 13.1 using the same Shorewall version and files, the ''interfaces'', ''policy'' and ''zone'', are all I have configured, it was working and this also works in Arch at

Hi. I have a Server''s network with some servers in it, all with 192.168.1.0/25 ips. There is also a router in that network with ip 192.168.1.1. This router also connected to a client''s network 10.10.0.0/16 with ip 10.10.100.1. All services on each server are given their virtual address from one of two virtual networks 192.168.1.128/28 and 192.168.1.144/28. 192.168.1.128/28 is

Hi, I have 2 Debian testing boxes running a very similar setup (both running the latest aptosid kernel); on one of them, since the iptables/libxtables10 packages have been upgraded from 1.4.19.1-1 to 1.4.20-2, shorewall-init can''t start shorewall anymore and for this reason ifupdown also fails triggering firewall up. Shorewall can be successfully started later on, and ifupdown starts

Hello, I tried Shorewall for the first time today. I am currently using an up-to-date installation of Debian Sid, which has shorewall 4.2.10, shorewall-shell 4.2.10 and shorewall-perl 4.2.10.1. I noticed that even though I had the following /etc/shorewall/policy file, iptables would still show LOG rules at the end of the INPUT and OUTPUT chains instead of ULOG rules. (Other logging related rules

Hi, I''ve just recently switched off my (lame) hardware firewall onto an old box running linux 2.4.18, iptables 1.2.6 and shorewall 1.2.9. I''m kinda new to linux firewalling myself but so far Shorewall has taken much work from me. While reading myself into iptables I saw that just recently something called ULOG (userspace logging) has been implemented in newer kernels and

I''m noticing some weirdness in my ulog files with version 2.0.10. Here is a portion of the log: Jan 7 11:01:37 rancor Shorewall:loc2fw:AllowWOL: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:95:b2:11:4c:08:00 SRC=192.168.0.100 DST=192.168.0.255 LEN=97 TOS=00 PREC=0x00 TTL=64 ID=44155 CE PROTO=UDP SPT=631 DPT=631 LEN=77 Jan 7 11:01:39 rancor Shorewall:loc2fw:AllowWOL: IN=eth1 OUT=

https://bugzilla.netfilter.org/show_bug.cgi?id=986 Bug ID: 986 Summary: ulogd fails to build against linux headers >= 3.17.0 due to ULOG target removal Product: ulogd Version: SVN (please provide timestamp) Hardware: x86_64 OS: Gentoo Status: NEW Severity: major Priority:

hi, if i would like to use ulog (in order to split netfilter messages from other kernel messages), than i have to set all loglevel to ULOG? and then is there any way to define diferent loglevel for eg. maclist? thanks in advance. yours. ps. it''s a bit confusing that all loglevel parameter name is LOG_LEVEL except BLACKLIST_LOGLEVEL:-( -- Levente

http://bugzilla.netfilter.org/show_bug.cgi?id=748 Summary: Range check for ulog-cprange is wrong Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: normal Priority: P5 Component: iptables AssignedTo: netfilter-buglog at lists.netfilter.org ReportedBy:

I want to use fprobe-ulog (http://fprobe.sourceforge.net/) to generate NetFlow information about traffic going through my router. The question is how to get the logging rules added to the appropriate chains (I''m assuming eth2_in and eth2_out in my case)? I''m using the perl version of shorewall 4.0.6. -- Orion Poplawski Technical Manager 303-415-9701

https://bugzilla.netfilter.org/show_bug.cgi?id=921 Summary: log, ulog and nflog: command-line parameters are not supported Product: nftables Version: unspecified Platform: x86_64 OS/Version: All Status: NEW Severity: normal Priority: P5 Component: nft AssignedTo: pablo at

--/aVve/J9H4Wl5yVO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Everybody! I had to change the ulog.patch in recent patch-o-matic to use a different netlink family (it's now 5 instead of 4). This means, you will have to recompile your ulogd or any other application in order to make it work. That's also why I have

I have a three interface network (net,loc,dmz). The internet interface (eth0) has a static IP. Windows machine in the local network (eth1) use DHCP to get IPs from the 192.168.10.0/24 netblock. The Debian machine in the DMZ (eth2) gets a fixed IP through DHCP in the 192.168.11.0/24 netblock. The DHCP server is running on the firewall machine (not ideal, I know, but that''s the way

I think you can change the existing firewall logging code for log_rule_limit (where you have one case for for LOGRULENUMBERS and another almost identical case without) down to this slightly shorter version with no duplication (excerpt): if [ -n "$LOGRULENUMBERS" ]; then eval rulenum=\$${chain}_logrules [ -z "$rulenum" ] && rulenum=1 fi case

Anywhere that a syslog level can appear, you can now specify ULOG (must be upper case) and logging will occur to the ulog target. You can download ulogd from http://www.gnumonks.org/projects/ulogd. Only the ''firewall'' file is required. None of the comments in the other config files are updated yet but I''m working on it. -Tom -- Tom Eastep \ Shorewall - iptables

Going deeper on last post "[Shorewall-users] logging", I found a very nice package that handles ULOG messages in a web interface, where you can browse the events from a MySql database produced by ULOGD. Real time. The name is: ULOGD-PHP From the site: ------------------------------------------- ulogd-php is able to : show the last hosts that broke packets on your firewall. show the

Hi, I have a legal requirement to log all connections and I will use ULOG to log all ACCEPTED conenctions. However it is so much easier to look at text log file compared to binary log file. So I would like to log DROPPED/REJECTED packets with SYSLOG for rule testing/debuging purposes. Is it possible to use both ULOG for ACCEPTED packets and SYSLOG for DROPPED packets? Thank you for your help.

http://bugzilla.netfilter.org/show_bug.cgi?id=600 Summary: ULOG target does not support --log-uid Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P1 Component: iptables AssignedTo: laforge at netfilter.org ReportedBy: dom at