[oclug] LOG and 2.4.3
james.leigh at ottawa.com
Fri Apr 13 23:57:51 EDT 2001
yes I am. I notice the netfilter logging goes to dmesg, but not to
syslogd. Even adding a *.* -/var/log/all to syslog.conf does not show any
netfilter logging. How do I tell it where to log to? I was looking at the
options for LOG, but it seems inconclusive.
Level of logging (numeric or see syslog.conf(5)).
Prefix log messages with the specified prefix; up
to 29 letters long, and useful for distinguishing
messages in the logs.
Log TCP sequence numbers. This is a security risk
if the log is readable by users.
Log options from the TCP packet header.
Log options from the IP packet header.
On Fri, 13 Apr 2001 23:31:08 Johnathan Hicks wrote:
> Are you talking about kernel logging in general or just netfilter
> logging? If it's the latter I think it logs to the console by default,
> but otherwise you have to tell it where to log to.
> James Leigh wrote:
> > I have been trying to switch over to 2.4.3 from 2.2.18, but I am having
> > trouble getting 2.4.3 to log correctly. basically it does not log
> > right now and I cannot seem to get it to work.
> > I have a custom kernel based on kernel-source-2.4.3_2.4.3-1.deb from
> > debian's unstable distro. I added a few things like freeswan and bttv.
> > have build most of netfilter into the kernel as you can see below.
> > iptables blocks out the packets correctly, so it must be working. When
> > add iptables -I INPUT -j LOG or other more descriptive commands,
> > shows up in any /var/log/* files.
> > What do I need to do to get the LOG table working?
> > james
> > +++++/usr/src/linux/.config++++++++++
> > #
> > # IP: Netfilter Configuration
> > #
> > CONFIG_IP_NF_CONNTRACK=y
> > # CONFIG_IP_NF_FTP is not set
> > # CONFIG_IP_NF_QUEUE is not set
> > CONFIG_IP_NF_IPTABLES=y
> > # CONFIG_IP_NF_MATCH_LIMIT is not set
> > CONFIG_IP_NF_MATCH_MAC=m
> > # CONFIG_IP_NF_MATCH_MARK is not set
> > # CONFIG_IP_NF_MATCH_MULTIPORT is not set
> > # CONFIG_IP_NF_MATCH_TOS is not set
> > # CONFIG_IP_NF_MATCH_TCPMSS is not set
> > CONFIG_IP_NF_MATCH_STATE=y
> > # CONFIG_IP_NF_MATCH_UNCLEAN is not set
> > # CONFIG_IP_NF_MATCH_OWNER is not set
> > CONFIG_IP_NF_FILTER=y
> > # CONFIG_IP_NF_TARGET_REJECT is not set
> > # CONFIG_IP_NF_TARGET_MIRROR is not set
> > CONFIG_IP_NF_NAT=y
> > CONFIG_IP_NF_NAT_NEEDED=y
> > CONFIG_IP_NF_MANGLE=y
> > # CONFIG_IP_NF_TARGET_TOS is not set
> > # CONFIG_IP_NF_TARGET_MARK is not set
> > CONFIG_IP_NF_TARGET_LOG=y
> > # CONFIG_IP_NF_TARGET_TCPMSS is not set
> > # CONFIG_IPV6 is not set
> > # CONFIG_KHTTPD is not set
> > # CONFIG_ATM is not set
> > +++++++++ /etc/syslog.conf++++++++
> > #
> > # First some standard logfiles. Log by facility.
> > #
> > auth,authpriv.* /var/log/auth.log
> > *.*;auth,authpriv.none -/var/log/syslog
> > #cron.* /var/log/cron.log
> > daemon.* -/var/log/daemon.log
> > kern.* -/var/log/kern.log
> > lpr.* -/var/log/lpr.log
> > mail.* /var/log/mail.log
> > user.* -/var/log/user.log
> > uucp.* -/var/log/uucp.log
> > ------------------------------------------------------------------------
> > .configName: .config
> > Type: unspecified type (application/octet-stream)
> oclug mailing list
> oclug at lists.oclug.on.ca
More information about the OCLUG