[Firehol-support] Ulog
Allen Smith
lazlor at bigboy.lotaris.org
Mon Dec 1 16:19:03 GMT 2003
The following worked for me under sarge/testing using the deb package of
firehol:
1) edit /etc/init.d/klogd and make KLOGD="-c 5 "
2) edit /lib/firehol/firehol and make FIREHOL_LOG_LEVEL="info"
3) restart firehol and klogd
> -----Original Message-----
> From: firehol-support-admin at lists.sourceforge.net
> [mailto:firehol-support-admin at lists.sourceforge.net] On
> Behalf Of Costa Tsaousis
> Sent: Sunday, November 30, 2003 9:09 PM
> To: Philippe Berini
> Cc: firehol-support at lists.sourceforge.net
> Subject: Re: [Firehol-support] Ulog
>
>
>
> > I know that this topic has been dealt with in the doc and in the
> > forum, but the suggested solutions don't work in Debian (or
> at least I
> > can't succeed to have them work).
>
> Strange. Is there someone on the list that has succeded
> managing the iptables logs on debian to give us some light here?
>
> > But I prefer FireHOL, and I'll stick to it anyway ;-)
>
> Thanks.
>
> > # FireHOL [:] > server x ULOG
>
> In explain mode, first give an interface (I have the shortcut
> "in" to do
> this):
>
> # FireHOL [:] > in
>
> and then the server statement with a valid service:
>
> # FireHOL [:] > server smtp ULOG
>
> This works.
>
> > The problem is that I still have the LOG rules in iptables:
>
> Yes, since the iptables commands will simply add rules for
> this logging, will not change the existing one.
>
> Anyway, I have added the variable FIREHOL_LOG_MODE to control
> the method of logging. By default is set to LOG. You can set
> it to ULOG to change all logging made by FireHOL (even with
> the log and loglimit rules) to use ULOG. Use the normal
> FIREHOL_LOG_OPTIONS variable to control other options of ULOG.
>
> Note that if set to ULOG, then FIREHOL_LOG_LEVEL and the
> level parameter to the log/loglimit rules are ignored (ULOG
> does not have a level).
>
> This has been added to v1.172 currently in the CVS. I have
> tested that LOG works as previously and that ULOG statements
> are produced correctly but I'll need your help to verify that
> ULOG is working properly.
>
> Costa
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: SF.net Giveback Program.
> Does SourceForge.net help you be more productive? Does it
> help you create better code? SHARE THE LOVE, and help us
> help YOU! Click Here: http://sourceforge.net/donate/
> _______________________________________________
> Firehol-support mailing list Firehol-support at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/firehol-support
>
More information about the Firehol-support
mailing list