RE: Problem with logging firewall packets
OK what's being logged to console? Under iptables it WILL log warnings + to
console unless you modify /etc/init.d/klogd.
this is a clip from my rc.firewall.iptables btw
# LOG level option. NOTE klogd reflects these values for console broadcast
# Simply start klogd with -c 4 to ONLY display errors and above on the
#define KERN_EMERG "<0>" /* system is unusable */
#define KERN_ALERT "<1>" /* action must be taken immediately */
#define KERN_CRIT "<2>" /* critical conditions */
#define KERN_ERR "<3>" /* error conditions */
#define KERN_WARNING "<4>" /* warning conditions */
#define KERN_NOTICE "<5>" /* normal but significant condition */
#define KERN_INFO "<6>" /* informational */
#define KERN_DEBUG "<7>" /* debug-level messages */
From: Paul Dossett [mailto:email@example.com]
Sent: Thursday, May 24, 2001 12:24 PM
To: Ed Street; firstname.lastname@example.org
Subject: Re: Problem with logging firewall packets
I'm running Progeny, and had to go to Debian's testing distro to get klogd,
but that doesn't seem to do anything... still investigating.
Both syslogd and klogd are running, according to top.. :)
Any more ideas? I'm really stumped. This worked fine under Red Hat.
----- Original Message -----
From: "Ed Street" <email@example.com>
To: "Paul Dossett" <firstname.lastname@example.org>;
Sent: Friday, May 25, 2001 2:17 AM
Subject: RE: Problem with logging firewall packets
> Make sure you have klogd and syslogd running.
> -----Original Message-----
> From: Paul Dossett [mailto:email@example.com]
> Sent: Thursday, May 24, 2001 12:00 PM
> To: firstname.lastname@example.org
> Subject: Problem with logging firewall packets
> Hi guys/gals,
> Okay, I'm *really* embarrassed about this, but I can't get syslog to log
> firewall packets to a logfile - it insists on sending them to my Debian
> box's console. I've checked the /etc/syslog.conf file and there's no
> mention of a console there at all, so what am I doing wrong? The crappy
> ipchains test script I've rigged is working, a grc.com scan is being
> in all the right ways, but I just can't get the logs on magnetic media...
> what really simple, obvious, even-a-redheaded-stepchild-could-work-it-out
> step am I missing?
> Paul D
> To UNSUBSCRIBE, email to email@example.com
> with a subject of "unsubscribe". Trouble? Contact