[Firehol-support] Ulog

Costa Tsaousis costa at tsaousis.gr
Mon Dec 1 05:09:15 GMT 2003


> I know that this topic has been dealt with in the doc and in the forum,
> but the suggested solutions don't work in Debian (or at least I can't
> succeed to have them work).

Strange. Is there someone on the list that has succeeded in managing the
iptables logs on Debian to give us some light here?

> But I prefer FireHOL, and I'll stick to it anyway ;-)

Thanks.

> # FireHOL [:] > server x ULOG

In explain mode, first give an interface (I have the shortcut "in" to do
this):

# FireHOL [:] > in

and then the server statement with a valid service:

# FireHOL [:] > server smtp ULOG

This works.

> The problem is that I still have the LOG rules in iptables:

Yes, since the iptables commands will simply add rules for this logging
and will not change the existing one.

Anyway, I have added the variable FIREHOL_LOG_MODE to control the method
of logging. By default it is set to LOG. You can set it to ULOG to change all
logging made by FireHOL (even with the log and loglimit rules) to use
ULOG. Use the normal FIREHOL_LOG_OPTIONS variable to control other options
of ULOG.

Note that if set to ULOG, then FIREHOL_LOG_LEVEL and the level parameter
to the log/loglimit rules are ignored (ULOG does not have a level).

This has been added to v1.172 currently in the CVS. I have tested that LOG
works as previously and that ULOG statements are produced correctly but
I'll need your help to verify that ULOG is working properly.

Costa
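
An added example, not part of the original message and not FireHOL code: one way to check a ruleset after switching FIREHOL_LOG_MODE is to scan iptables-save output for rules that still jump to the other logging target. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump for rules whose logging target
# does not match the configured FIREHOL_LOG_MODE (LOG or ULOG).

# Constructed sample in iptables-save format (not output from a real host).
sample_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
-A INPUT -i eth0 -p tcp --dport 25 -j ACCEPT
-A INPUT -m limit --limit 1/sec -j ULOG --ulog-prefix "IN-eth0:"
-A INPUT -m limit --limit 1/sec -j LOG --log-prefix "OLD-IN:" --log-level 4
-A OUTPUT -m limit --limit 1/sec -j ULOG --ulog-nlgroup 1 --ulog-prefix "OUT-eth0:"
COMMIT
EOF
}

# Print every rule on stdin that jumps to the given target (LOG or ULOG).
# Matching the token after -j exactly avoids hits on chains such as LOGDROP.
rules_with_target() {
    awk -v t="$1" '
        /^-A / {
            for (i = 1; i < NF; i++)
                if (($i == "-j" || $i == "--jump") && $(i + 1) == t) { print; break }
        }'
}

# $1 is the expected FIREHOL_LOG_MODE. Prints rules that log with the other
# target and returns 1 if any exist, 0 if the ruleset is consistent.
stale_log_rules() {
    case "$1" in
        ULOG) other=LOG ;;
        LOG)  other=ULOG ;;
        *)    echo "unknown mode: $1" >&2; return 2 ;;
    esac
    stale=$(rules_with_target "$other")
    [ -z "$stale" ] && return 0
    printf '%s\n' "$stale"
    return 1
}
```

On a live system the same check would be run as `iptables-save | stale_log_rules ULOG`, which requires root.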




