extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-20 01:37:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

Yet another tweak to FAQ 16a

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5184 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-01-02 03:43:51 +00:00
parent dc4be69638
commit a06fcf71d2
1 changed files with 13 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
docs/FAQ.xml
View File

@ -1032,15 +1032,18 @@ DROP net fw udp 10619</programlisting>
Netfilter log messages are written. The LOGFILE setting in Netfilter log messages are written. The LOGFILE setting in
<filename>shorewall.conf</filename> simply tells the <filename>shorewall.conf</filename> simply tells the
<filename>/sbin/shorewall[-lite]</filename> program where to look for <filename>/sbin/shorewall[-lite]</filename> program where to look for
the log. Also, it is important to understand that a log severity of the log. Also, it is important to understand that a log level of
"debug" will generally be written to fewer log files than a log "debug" will generally cause Netfilter messages be written to fewer
severity of "info".</para> files in <filename class="directory">/var/log</filename> than a log
severity of "info". The log level does not control the number of log
messages or the content of the messages.</para>
<para>The actual log file where Netfilter messages are written is not <para>The actual log file where Netfilter messages are written is not
standardized; but anytime you see no logging, it's time to look standardized and will vary by distribution and distribusion version.
outside the Shorewall configuration for the cause. As an example, But anytime you see no logging, it's time to look outside the
recent <trademark>SuSE</trademark> releases use syslog-ng by default Shorewall configuration for the cause. As an example, recent
and write Shorewall messages to <trademark>SuSE</trademark> releases use syslog-ng by default and
write Shorewall messages to
<filename>/var/log/firewall</filename>.</para> <filename>/var/log/firewall</filename>.</para>
<para>Please see the <ulink url="shorewall_logging.html">Shorewall <para>Please see the <ulink url="shorewall_logging.html">Shorewall
@ -1358,9 +1361,9 @@ DROP net fw udp 10619</programlisting>
<para><emphasis role="bold">Answer:</emphasis> First of all, please note <para><emphasis role="bold">Answer:</emphasis> First of all, please note
that the above is a very specific type of log message dealing with ICMP that the above is a very specific type of log message dealing with ICMP
port unreachable packets. Do not read this answer and assume that all port unreachable packets (PROTO=ICMP TYPE=3 CODE=3). Do not read this
Shorewall log messages have something to do with ICMP (hint -- see <link answer and assume that all Shorewall log messages have something to do
linkend="faq17">FAQ 17</link>).</para> with ICMP (hint -- see <link linkend="faq17">FAQ 17</link>).</para>
<para>While most people associate the Internet Control Message Protocol <para>While most people associate the Internet Control Message Protocol
(ICMP) with <quote>ping</quote>, ICMP is a key piece of IP. ICMP is used (ICMP) with <quote>ping</quote>, ICMP is a key piece of IP. ICMP is used