Re: [opensuse] Lost firewall logging
  • From: Patrick Shanahan <ptilopteri@xxxxxxxxx>
  • Date: Mon, 16 Jul 2007 15:12:52 -0400
  • Message-id: <20070716191252.GS7622@xxxxxxxxxxxxxxx>
* Darryl Gregorash <raven@xxxxxxxxxxxxx> [07-16-07 15:09]:
> On 07/16/2007 11:07 AM, Patrick Shanahan wrote:
> > QUESTION:  Where/how do I get my firewall logging back?
> >
> >   
> Please post the result of "cat /etc/syslog-ng/syslog-ng.conf" and "ls
> -l /var/log/firewall".


-rw-r-----  1 root root 1538079 2007-07-13 23:14 /var/log/firewall


# Global options.
# perm(0640) is the mode given to log files created by syslog-ng when a
# destination does not set its own perm(): owner read/write, group read,
# nothing for others. Firewall and auth-related logs should stay unreadable
# to ordinary users, so do not loosen this.
# sync(0): presumably "write every message immediately, no line buffering";
# stats(3600): presumably the interval in seconds between syslog-ng's own
# statistics messages -- confirm both against the installed version's manual.
options { long_hostnames(off); sync(0); perm(0640); stats(3600); };

# The only inputs are syslog-ng's internal messages and the local /dev/log
# datagram socket. No kernel source (e.g. /proc/kmsg) is read here, so
# facility(kern) messages -- including iptables LOG output -- only arrive if
# some other process forwards them to /dev/log.
# NOTE(review): on this setup that is presumably klogd; verify it is running
# when kernel/firewall messages stop appearing.
source src {
        internal();
        unix-dgram("/dev/log");
};

# Filter definitions
# Filters only select messages; nothing is written until a log statement
# combines a source, a filter and a destination.

# Firewall lines: kernel-facility messages that contain both "IN=" and "OUT=",
# the interface fields present in iptables LOG output. A kernel message that
# lacks either substring is not treated as a firewall line.
filter f_iptables   { facility(kern) and match("IN=") and match("OUT="); };

# Console output: kernel warnings that are not firewall lines, or errors from
# any facility except authpriv.
# NOTE(review): "and" and "or" are mixed without parentheses; the reading
# above assumes "and" binds tighter than "or" -- confirm, or add parentheses.
filter f_console    { level(warn) and facility(kern) and not filter(f_iptables)
                      or level(err) and not facility(authpriv); };

# News facility, split by severity plus a catch-all.
filter f_newsnotice { level(notice) and facility(news); };
filter f_newscrit   { level(crit)   and facility(news); };
filter f_newserr    { level(err)    and facility(news); };
filter f_news       { facility(news); };

# Mail facility, split by severity plus a catch-all.
filter f_mailinfo   { level(info)      and facility(mail); };
filter f_mailwarn   { level(warn)      and facility(mail); };
filter f_mailerr    { level(err, crit) and facility(mail); };
filter f_mail       { facility(mail); };

filter f_cron       { facility(cron); };

# All eight local-use facilities.
filter f_local      { facility(local0, local1, local2, local3,
                               local4, local5, local6, local7); };

# NOTE(review): syslog-ng writes a level range with two dots (emerg..notice);
# the three dots here, and the backslash in '^\acpid:', may be paste or
# archive artifacts. Compare with the file on disk: a parse error in this
# file would affect every log, not just this one.
filter f_acpid      { level(emerg...notice) and match('^\acpid:'); };

# Older acpid message format with a literal "[acpid]:" prefix.
filter f_acpid_old  { match('^\[acpid\]:'); };

filter f_netmgm     { match('^NetworkManager:'); };

# f_messages and f_warn both exclude f_iptables, so firewall lines are kept
# out of the files these filters feed. If the firewall log goes quiet, the
# missing lines will therefore not show up in those files either.
filter f_messages   { not facility(news, mail) and not filter(f_iptables); };
filter f_warn       { level(warn, err, crit) and not filter(f_iptables); };
filter f_alert      { level(alert); };


# Destinations and log paths.
# Log statements are evaluated in the order written, and one message can match
# several of them. A statement carrying flags(final) stops further processing
# of the messages it matches, so the relative order of these lines matters.

# Console pipes. owner(-1) group(-1) perm(-1) presumably tell syslog-ng to
# leave the existing ownership and mode of the device untouched -- confirm.
destination console  { pipe("/dev/tty10"    owner(-1) group(-1) perm(-1)); };
log { source(src); filter(f_console); destination(console); };

destination xconsole { pipe("/dev/xconsole" owner(-1) group(-1) perm(-1)); };
log { source(src); filter(f_console); destination(xconsole); };

# News logs are owned by the news user and group rather than the default.
destination newscrit   { file("/var/log/news/news.crit"
                              owner(news) group(news)); };
log { source(src); filter(f_newscrit); destination(newscrit); };

destination newserr    { file("/var/log/news/news.err"
                              owner(news) group(news)); };
log { source(src); filter(f_newserr); destination(newserr); };

destination newsnotice { file("/var/log/news/news.notice"
                              owner(news) group(news)); };
log { source(src); filter(f_newsnotice); destination(newsnotice); };

# Mail logs by severity, plus /var/log/mail for everything from facility mail.
destination mailinfo { file("/var/log/mail.info"); };
log { source(src); filter(f_mailinfo); destination(mailinfo); };

destination mailwarn { file("/var/log/mail.warn"); };
log { source(src); filter(f_mailwarn); destination(mailwarn); };

# fsync(yes): presumably forces each write to disk so error records survive a
# crash -- confirm against the manual.
destination mailerr  { file("/var/log/mail.err" fsync(yes)); };
log { source(src); filter(f_mailerr);  destination(mailerr); };

destination mail { file("/var/log/mail"); };
log { source(src); filter(f_mail); destination(mail); };

# acpid and NetworkManager messages end here (flags(final)); they are not
# passed on to the localmessages, messages, firewall or warn paths below.
 destination acpid { file("/var/log/acpid"); };
log { source(src); filter(f_acpid); destination(acpid); flags(final); };
log { source(src); filter(f_acpid_old); destination(acpid); flags(final); };

destination netmgm { file("/var/log/NetworkManager"); };
log { source(src); filter(f_netmgm); destination(netmgm); flags(final); };

destination localmessages { file("/var/log/localmessages"); };
log { source(src); filter(f_local); destination(localmessages); };

destination messages { file("/var/log/messages"); };
log { source(src); filter(f_messages); destination(messages); };

# Firewall log: receives only what f_iptables selects (kernel messages with
# both "IN=" and "OUT="). No owner/group/perm is set here, so the global
# perm(0640) applies; the posted listing shows root:root, mode 0640.
# If this file stops growing while the statement is intact, check that kernel
# messages still reach source(src) and that the firewall rules still log.
destination firewall { file("/var/log/firewall"); };
log { source(src); filter(f_iptables); destination(firewall); };

destination warn { file("/var/log/warn" fsync(yes)); };
log { source(src); filter(f_warn); destination(warn); };



-- 
Patrick Shanahan         Plainfield, Indiana, USA        HOG # US1244711
http://wahoo.no-ip.org     Photo Album:  http://wahoo.no-ip.org/gallery2
Registered Linux User #207535                    @ http://counter.li.org