Add logging configuration step to quickstart guides

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7334 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-09-14 16:03:42 +00:00
parent bbcf8fdcf8
commit 9fe6fc7434
3 changed files with 154 additions and 0 deletions

View File

@ -434,6 +434,58 @@ root@lists:~# </programlisting>
</tip></para>
</section>
<section id="Logging">
<title>Logging</title>
<para>Shorewall does not maintain a log itself but rather relies on your
<ulink url="shorewall_logging.html">system's logging
configuration</ulink>. The following <ulink
url="manpages/shorewall.html">commands</ulink> rely on knowing where
Netfilter messages are logged:</para>
<itemizedlist>
<listitem>
<para><command>shorewall show log</command> (Displays the last 20
netfilter log messages)</para>
</listitem>
<listitem>
<para><command>shorewall logwatch</command> (Polls the log at a
settable interval</para>
</listitem>
<listitem>
<para><command>shorewall dump</command> (Produces an extensive report
for inclusion in Shorewall problem reports)</para>
</listitem>
</itemizedlist>
<para>It is important that these commands work properly because when you
encounter connection problems when Shorewall is running, the first thing
that you should do is to look at the Netfilter log; with the help of
<ulink url="FAQ.htm#faq17">Shorewall FAQ 17</ulink>, you can usually
resolve the problem quickly.</para>
<para>Most commonly, Netfilter messages are logged to
<filename>/var/log/messages</filename>. Recent
<trademark>SuSE/OpenSuSE</trademark> releases come preconfigured with
syslog-ng and log netfilter messages to
<filename>/var/log/firewall</filename>.</para>
<para><inlinegraphic fileref="images/BD21298_.gif" format="GIF" /></para>
<para>If you are running a distribution that logs netfilter messages to a
log other than <filename>/var/log/messages</filename>, then modify the
LOGFILE setting in <filename>/etc/shorewall/shorewall.conf</filename> to
specify the name of your log.</para>
<important>
<para>The LOGFILE setting does not control where the Netfilter log is
maintained -- it simply tells the /sbin/<filename>shorewall</filename>
utility where to find the log.</para>
</important>
</section>
<section id="Open">
<title>Enabling other Connections</title>

View File

@ -956,6 +956,57 @@ ACCEPT net $FW tcp 80 </programlisting><it
remove other connections as required.</para>
</section>
<section id="Logging">
<title>Logging</title>
<para>Shorewall does not maintain a log itself but rather relies on your
<ulink url="shorewall_logging.htm">system's logging configuration</ulink>.
The following <ulink url="manpages/shorewall.html">commands</ulink> rely
on knowing where Netfilter messages are logged:</para>
<itemizedlist>
<listitem>
<para><command>shorewall show log</command> (Displays the last 20
netfilter log messages)</para>
</listitem>
<listitem>
<para><command>shorewall logwatch</command> (Polls the log at a
settable interval</para>
</listitem>
<listitem>
<para><command>shorewall dump</command> (Produces an extensive report
for inclusion in Shorewall problem reports)</para>
</listitem>
</itemizedlist>
<para>It is important that these commands work properly because when you
encounter connection problems when Shorewall is running, the first thing
that you should do is to look at the Netfilter log; with the help of
<ulink url="FAQ.htm#faq17">Shorewall FAQ 17</ulink>, you can usually
resolve the problem quickly.</para>
<para>Most commonly, Netfilter messages are logged to
<filename>/var/log/messages</filename>. Recent
<trademark>SuSE/OpenSuSE</trademark> releases come preconfigured with
syslog-ng and log netfilter messages to
<filename>/var/log/firewall</filename>.</para>
<para><inlinegraphic fileref="images/BD21298_.gif" format="GIF" /></para>
<para>If you are running a distribution that logs netfilter messages to a
log other than <filename>/var/log/messages</filename>, then modify the
LOGFILE setting in <filename>/etc/shorewall/shorewall.conf</filename> to
specify the name of your log.</para>
<important>
<para>The LOGFILE setting does not control where the Netfilter log is
maintained -- it simply tells the /sbin/<filename>shorewall</filename>
utility where to find the log.</para>
</important>
</section>
<section id="Other">
<title>Some Things to Keep in Mind</title>

View File

@ -875,6 +875,57 @@ ACCEPT loc $FW tcp 80 #Allow Weblet to work</progra
file to add or delete other connections as required.</para>
</section>
<section id="Logging">
<title>Logging</title>
<para>Shorewall does not maintain a log itself but rather relies on your
<ulink url="shorewall_logging.htm">system's logging configuration</ulink>.
The following <ulink url="manpages/shorewall.html">commands</ulink> rely
on knowing where Netfilter messages are logged:</para>
<itemizedlist>
<listitem>
<para><command>shorewall show log</command> (Displays the last 20
netfilter log messages)</para>
</listitem>
<listitem>
<para><command>shorewall logwatch</command> (Polls the log at a
settable interval</para>
</listitem>
<listitem>
<para><command>shorewall dump</command> (Produces an extensive report
for inclusion in Shorewall problem reports)</para>
</listitem>
</itemizedlist>
<para>It is important that these commands work properly because when you
encounter connection problems when Shorewall is running, the first thing
that you should do is to look at the Netfilter log; with the help of
<ulink url="FAQ.htm#faq17">Shorewall FAQ 17</ulink>, you can usually
resolve the problem quickly.</para>
<para>Most commonly, Netfilter messages are logged to
<filename>/var/log/messages</filename>. Recent
<trademark>SuSE/OpenSuSE</trademark> releases come preconfigured with
syslog-ng and log netfilter messages to
<filename>/var/log/firewall</filename>.</para>
<para><inlinegraphic fileref="images/BD21298_.gif" format="GIF" /></para>
<para>If you are running a distribution that logs netfilter messages to a
log other than <filename>/var/log/messages</filename>, then modify the
LOGFILE setting in <filename>/etc/shorewall/shorewall.conf</filename> to
specify the name of your log.</para>
<important>
<para>The LOGFILE setting does not control where the Netfilter log is
maintained -- it simply tells the /sbin/<filename>shorewall</filename>
utility where to find the log.</para>
</important>
</section>
<section id="Other">
<title>Some Things to Keep in Mind</title>