X-Original-To: alpine-devel@lists.alpinelinux.org
Delivered-To: alpine-devel@lists.alpinelinux.org
Received: from zimbra.netvantix.net (zimbra.netvantix.net [67.213.231.181])
	by lists.alpinelinux.org (Postfix) with ESMTP id 6E1DB1EBFF1
	for <alpine-devel@lists.alpinelinux.org>; Mon,  3 Jan 2011 16:05:13 +0000 (UTC)
Received: from localhost (localhost.localdomain [127.0.0.1])
	by zimbra.netvantix.net (Postfix) with ESMTP id BC0E178C26F
	for <alpine-devel@lists.alpinelinux.org>; Mon,  3 Jan 2011 09:05:12 -0700 (MST)
X-Virus-Scanned: amavisd-new at zimbra.netvantix.net
Received: from zimbra.netvantix.net ([127.0.0.1])
	by localhost (zimbra.netvantix.net [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id VsgplSYr-ymu for <alpine-devel@lists.alpinelinux.org>;
	Mon,  3 Jan 2011 09:05:08 -0700 (MST)
Received: from zimbra.netvantix.net (zimbra.netvantix.net [67.213.231.181])
	by zimbra.netvantix.net (Postfix) with ESMTP id 0468678C26B
	for <alpine-devel@lists.alpinelinux.org>; Mon,  3 Jan 2011 09:05:08 -0700 (MST)
Date: Mon, 3 Jan 2011 09:05:07 -0700 (MST)
From: Steve Fink <sfink@netvantix.com>
To: Alpine-Devel <alpine-devel@lists.alpinelinux.org>
Message-ID: <23923891.5000.1294070707938.JavaMail.root@zimbra.netvantix.net>
In-Reply-To: <4D21E89E.3000507@freemail.gr>
Subject: Re: [alpine-devel] Shorewall Logs
X-Mailinglist: alpine-devel
Precedence: list
List-Id: Alpine Development <alpine-devel.lists.alpinelinux.org>
List-Unsubscribe: 
	<mailto:alpine-devel+unsubscribe@lists.alpinelinux.org?subject=unsubscribe>
List-Post: <mailto:alpine-devel@lists.alpinelinux.org>
List-Help: <mailto:alpine-devel+help@lists.alpinelinux.org?subject=help>
List-Subscribe: 
	<mailto:alpine-devel+subscribe@lists.alpinelinux.org?subject=subscribe>
MIME-Version: 1.0
Content-Type: multipart/alternative; 
	boundary="----=_Part_4999_31299860.1294070707937"
X-Originating-IP: [174.52.152.201]
X-Mailer: Zimbra 6.0.3_GA_1915.RHEL4 (ZimbraWebClient - SAF3 (Mac)/6.0.3_GA_1915.RHEL4)

------=_Part_4999_31299860.1294070707937
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit

Thanks for the replies. 


I had guessed that everything was going to /var/log/messages but wasn't sure. 


I looked through all of the log options in shorewall.conf and they all looked correct so I kept digging. 


In the file /etc/shorewall/policy is where the DROP policy is defined and I had failed to add the log level of "info". 


Thanks again for your help! 


Best, 


Steve 




----- Original Message ----- 
From: "Harry Lachanas" <grharry@freemail.gr> 
To: "Steve Fink" <sfink@netvantix.com> 
Cc: "Alpine-Devel" <alpine-devel@lists.alpinelinux.org> 
Sent: Monday, January 3, 2011 8:17:50 AM 
Subject: Re: [alpine-devel] Shorewall Logs 

On 01/03/2011 04:37 PM, Steve Fink wrote: 
> Where are the Shorewall logs stored? 
> 
In alpine they are sent to /var/log/messages 
> The Start/Stop/Restart info is written to /var/log/messages but I'm 
> looking for the dropped packets and such. 
> 
Do you have any dropped packets and enabled log in shorewall conf ?? 
> I've gone through the mailing list archives and cannot find any info. 
> 
> I've done some digging and see that this version of syslogd does not 
> look at the syslog.conf I'm assuming that because they're kernel 
> messages they're being handled by klogd but can't find where they're 
> being written to. 
> 
in order to log to /var/log/shorewall.log you have to load and config ulogd 
The documetation is in shorewall site. 
Cheers 



------=_Part_4999_31299860.1294070707937
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable

<html><head><style type=3D'text/css'>p { margin: 0; }</style></head><body><=
div style=3D'font-family: Times New Roman; font-size: 12pt; color: #000000'=
>Thanks for the replies.<div><br></div><div>I had guessed that everything w=
as going to /var/log/messages but wasn't sure.</div><div><br></div><div>I l=
ooked through all of the log options in shorewall.conf and they all looked =
correct so I kept digging.</div><div><br></div><div>In the file /etc/shorew=
all/policy is where the DROP policy is defined and I had failed to add the =
log level of "info".</div><div><br></div><div>Thanks again for your help!</=
div><div><br></div><div>Best,</div><div><br></div><div>Steve</div><div><br>=
</div><div><br></div><div>----- Original Message -----<br>From: "Harry Lach=
anas" &lt;grharry@freemail.gr&gt;<br>To: "Steve Fink" &lt;sfink@netvantix.c=
om&gt;<br>Cc: "Alpine-Devel" &lt;alpine-devel@lists.alpinelinux.org&gt;<br>=
Sent: Monday, January 3, 2011 8:17:50 AM<br>Subject: Re: [alpine-devel] Sho=
rewall Logs<br><br>&nbsp;&nbsp;On 01/03/2011 04:37 PM, Steve Fink wrote:<br=
>&gt; Where are the Shorewall logs stored?<br>&gt;<br>In alpine they are se=
nt to /var/log/messages<br>&gt; The Start/Stop/Restart info is written to /=
var/log/messages but I'm <br>&gt; looking for the dropped packets and such.=
<br>&gt;<br>Do you have any dropped packets and enabled log in shorewall co=
nf ??<br>&gt; I've gone through the mailing list archives and cannot find a=
ny info.<br>&gt;<br>&gt; I've done some digging and see that this version o=
f syslogd does not <br>&gt; look at the syslog.conf I'm assuming that becau=
se they're kernel <br>&gt; messages they're being handled by klogd but can'=
t find where they're <br>&gt; being written to.<br>&gt;<br>in order to log =
to /var/log/shorewall.log you have to load and config ulogd<br>The documeta=
tion is in &nbsp;shorewall site.<br>Cheers<br><br><br></div></div></body></=
html>
------=_Part_4999_31299860.1294070707937--


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---