From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id B79E4138CA3 for ; Sun, 10 May 2015 09:17:33 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id D0675E0852; Sun, 10 May 2015 09:17:27 +0000 (UTC) Received: from smarthost01a.mail.zen.net.uk (smarthost01a.mail.zen.net.uk [212.23.1.1]) by pigeon.gentoo.org (Postfix) with ESMTP id BC115E0844 for ; Sun, 10 May 2015 09:17:26 +0000 (UTC) Received: from [82.69.80.10] (helo=wstn.localnet) by smarthost01a.mail.zen.net.uk with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.80) (envelope-from ) id 1YrNMT-000CIl-II for gentoo-user@lists.gentoo.org; Sun, 10 May 2015 09:17:25 +0000 From: Peter Humphrey To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Shorewall config problem [SOLVED] Date: Sun, 10 May 2015 10:17:24 +0100 Message-ID: <2442871.vZ6LR7RNj4@wstn> Organization: Society for Retired Gentlefolk User-Agent: KMail/4.14.3 (Linux/3.18.11-gentoo; KDE/4.14.3; x86_64; ; ) In-Reply-To: <6390922.lAtsHpQybt@wstn> References: <6390922.lAtsHpQybt@wstn> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="nextPart3650630.Eo372Fa9Oq" Content-Transfer-Encoding: 7Bit X-Originating-smarthost01a-IP: [82.69.80.10] X-Archives-Salt: 080a7319-8758-470b-ae1a-2ebc2cdbde4e X-Archives-Hash: 76e58603578ab21ccf27d4378026e37d This is a multi-part message in MIME format. --nextPart3650630.Eo372Fa9Oq Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" On Wednesday 06 May 2015 16:20:19 I wrote: > I've recently installed a new ADSL modem, and now I'm trying to get it to > log to my LAN server. The modem seems to be sending log messages but > Shorewall is dropping them at the server. --->8 It seems I had missed something in the kernel configuration. I can't say what exactly because I added several options (life's too short to go through all the network options one at a time). So now, Shorewall is not dropping syslog packets, and syslog-ng is logging correctly. This is my /etc/syslog-ng/syslog-ng.conf: ---------------- @version: 3.6 @include "scl.conf" options { threaded(yes); chain_hostnames(no); stats_freq(43200); mark_freq(0); }; source src { system(); internal(); }; source s_remote { udp (ip(192.168.1.2) port(514) ); }; filter f_cron { facility (cron); }; filter f_ncron { not facility (cron); }; destination d_remote { file("/var/log/remote"); }; destination d_cron { file("/var/log/cron"); }; destination messages { file("/var/log/messages"); }; destination console_all { file("/dev/tty12"); }; log { source(src); filter(f_cron); destination(d_cron); }; log { source(src); filter(f_ncron); destination(messages); }; log { source(src); filter(f_ncron); destination(console_all); }; log { source(s_remote); destination(d_remote); }; ---------------- I hope that will be useful to someone. -- Rgds Peter --nextPart3650630.Eo372Fa9Oq Content-Transfer-Encoding: 7Bit Content-Type: text/html; charset="us-ascii"

On Wednesday 06 May 2015 16:20:19 I wrote:

> I've recently installed a new ADSL modem, and now I'm trying to get it to

> log to my LAN server. The modem seems to be sending log messages but

> Shorewall is dropping them at the server.

 

--->8

 

It seems I had missed something in the kernel configuration. I can't say what exactly because I added several options (life's too short to go through all the network options one at a time).

 

So now, Shorewall is not dropping syslog packets, and syslog-ng is logging correctly. This is my /etc/syslog-ng/syslog-ng.conf:

 

----------------

@version: 3.6

@include "scl.conf"

options {

threaded(yes);

chain_hostnames(no);

stats_freq(43200);

mark_freq(0);

};

 

source src { system(); internal(); };

source s_remote { udp (ip(192.168.1.2) port(514) ); };

 

filter f_cron { facility (cron); };

filter f_ncron { not facility (cron); };

 

destination d_remote { file("/var/log/remote"); };

destination d_cron { file("/var/log/cron"); };

destination messages { file("/var/log/messages"); };

destination console_all { file("/dev/tty12"); };

 

log { source(src); filter(f_cron); destination(d_cron); };

log { source(src); filter(f_ncron); destination(messages); };

log { source(src); filter(f_ncron); destination(console_all); };

log { source(s_remote); destination(d_remote); };

----------------

 

I hope that will be useful to someone.

 

--

Rgds

Peter

 

--nextPart3650630.Eo372Fa9Oq--