[Firewall] logging not working for outbound connections

Arno van Amersfoort arnova at rocky.eld.leidenuniv.nl
Wed Jan 21 14:28:15 CET 2009


What dist are you on? Debian or Ubuntu I'm guessing? sysklog can be 
temperemental when being restarted (not working anymore etc.). You could 
try a clean boot and see whether that works....

a.

Ronald van den Blink wrote:
> And last but not least, I fixed it myself by using syslog-ng.
> 
> That still leaves the problem with sysklog not taking up the log-rules 
> with the supplied syslog.conf
> 
> WIth kinds regards,
> 
> Ronald
> On Jan 21, 2009, at 2:00 PM, Ronald van den Blink wrote:
> 
>> Hmm, I'd like to correct myself. It IS logging, but it logs to dmesg. 
>> That means that the error is somewhere in my syslogd.conf, but that's 
>> the one that's included with the tarbal....
>>
>> Any suggestions?
>>
>> With kind regards,
>>
>> Ronald
>> On Jan 21, 2009, at 9:46 AM, Arno van Amersfoort wrote:
>>
>>> Hello/hallo ;-),
>>>
>>> This should work, the log rules are applied regardless of the default 
>>> policy in the chain. Please provide your firewall.conf and other 
>>> relevant info (fw version etc.)
>>>
>>> a.
>>>
>>> Ronald van den Blink wrote:
>>>> Hi there,
>>>> I just installed Arno's firewall and I'm trying to get outbound ssh 
>>>> connections to be logged. It seems that for some strange reasong the 
>>>> connections aren't logged at all. Is this because of the default 
>>>> policy of the OUTPUT change being set to ALLOW? Or is there another 
>>>> reason.
>>>> With kind regards,
>>>> Ronald
>>>> _______________________________________________
>>>> Firewall mailing list
>>>> Firewall at rocky.eld.leidenuniv.nl
>>>> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
>>>> Arno's (Linux IPTABLES Firewall) Homepage:
>>>> http://rocky.eld.leidenuniv.nl
>>>
>>> -- 
>>> Arno van Amersfoort
>>> E-mail    : arnova at rocky.eld.leidenuniv.nl
>>> Donations are welcome through Paypal!
>>> --------------------------------------------------------------------------- 
>>>
>>> Arno's (Linux IPTABLES Firewall) Homepage:
>>> http://rocky.eld.leidenuniv.nl
>>> _______________________________________________
>>> Firewall mailing list
>>> Firewall at rocky.eld.leidenuniv.nl
>>> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
>>> Arno's (Linux IPTABLES Firewall) Homepage:
>>> http://rocky.eld.leidenuniv.nl
>>
>> _______________________________________________
>> Firewall mailing list
>> Firewall at rocky.eld.leidenuniv.nl
>> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
>> Arno's (Linux IPTABLES Firewall) Homepage:
>> http://rocky.eld.leidenuniv.nl
> 
> _______________________________________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.nl
> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl
> 

-- 
Arno van Amersfoort
E-mail    : arnova at rocky.eld.leidenuniv.nl
Donations are welcome through Paypal!
---------------------------------------------------------------------------
Arno's (Linux IPTABLES Firewall) Homepage:
http://rocky.eld.leidenuniv.nl


More information about the Firewall mailing list