Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: Chris Bragg on January 20, 2002, 11:51:02 PM

Title: Where does ipchains log to?
Post by: Chris Bragg on January 20, 2002, 11:51:02 PM

I know this is likely a lame question, but I don't see the answer. In looking at all the logs available on the server, I cannot find anywhere where ipchains is logging to. Even after running a portscan from outside my LAN, the logs available show nothing at all.

Could it be that I've simply missed something here? Or perhaps logging is not turned on by default? If the latter, perhaps someone could let me know which file to edit to turn logging for ipchains on?

TIA,

Chris

Title: Re: Where does ipchains log to?
Post by: Uwe Schreiber on January 23, 2002, 09:51:12 AM

In many Linux distributions the logging of ipchains (also snort, prelude or something else) is disabled by default, because it will result in huge logfiles.

But don't ask me where you have to enable it...;-)

Title: Re: Where does ipchains log to?
Post by: Charlie Brady on January 24, 2002, 02:36:59 AM

Uwe Schreiber wrote:

> In many Linux distributions the logging of ipchains (also
> snort, prelude or something else) is disabled by default,
> because it will result in huge logfiles.
>
> But don't ask me where you have to enable it...;-)

/sbin/e-smith/db configuration setprop masq Logging xxx

# Valid values of xxx are "all", "none" and "most".
# "most" means all denied packets except SMB and RIP

/sbin/e-smith/signal-event remoteaccess-update

Regards

Charlie

Title: Re: Where does ipchains log to?
Post by: Chris Bragg on January 30, 2002, 07:52:09 AM

Thanks Charlie, this is exactly what I was looking for. It worked great! Tell me though, is this change going to be permanent? Meaning, will I have to enter this again should the system be rebooted? I never reboot this router by choice, but I've suffered 8 blackouts in the past 5 months, so I wanted to be sure.

Thanks again!

Chris