If you haven't changed anything in syslog.conf, the ipchains rules will log to /var/log/messages. Note that SuSEfirewall isn't an intelligent firewall, it's just a frontend to ipchains (or iptables with SuSEfirewall2). If you want more detail, install snort or similar Regards Anders On Friday 15 June 2001 20:55, Clayton Cornell wrote:
Hi ho... hopefully someone can give me a suggestion here. I am getting hit hard in the last week or so by someone who is portscanning me, and attempting to hack my system. I have run the SuSEharden script, and have the SuSEfirewall up and running, so, sofar I don't think this goof has managed to get in.
Question is... am I blind here? I cannot find any log file for the SuSEfirewall. There is a file /var/logs/firewall, but it seems to be logging my console messages, and not the firewall. Is there a log file and I just can't see it? I need this logfile info to send off to my ISP so they have a record of the attempts. I desperation I booted to windows for 48 hours and logged the attempts via ZoneAlarm (pages of them).
Clayton