EFW Support
Welcome,
Guest
. Please
login
or
register
.
Did you miss your
activation email?
Sunday 15 December 2024, 12:56:21 pm
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
Get the new Updates directly from Endian
HERE
14261
Posts in
4377
Topics by
6517
Members
Latest Member:
Sandro
Search:
Advanced search
EFW Support
Support
General Support
No firewall log EFW 2.4-community
0 Members and 6 Guests are viewing this topic.
« previous
next »
Pages:
[
1
]
2
Author
Topic: No firewall log EFW 2.4-community (Read 67444 times)
strangetpwn
Jr. Member
Offline
Posts: 4
No firewall log EFW 2.4-community
«
on:
Saturday 29 May 2010, 01:16:04 am »
It appears that firewall logging is not working on my fresh efw 2.4 community install.
No "hits" are being logged to file - the Live Log page is blank and the Firewall log viewer page displays the message "No (or only partial) logs exist for the given day: /var/log/firewall could not be opened" - Logging into the console confirms that no such /var/log/firewall file exists.
I tried to create a file using "touch firewall", but I'm not sure if this would be effective or if I set the permissions right, but the message did disappear.
I've tried to create situations that should create hits for the log file such a selecting "log accepted packets" and denying traffic from green>red on port 80, and the firewall itself is working, but without logging.
Logged
ad.aimm
Full Member
Offline
Posts: 36
Re: No firewall log EFW 2.4-community
«
Reply #1 on:
Saturday 29 May 2010, 02:16:17 am »
hi,
i agree with you but i don't know how to fix it.
regards.
ad
Logged
wavrunrx2
Full Member
Offline
Posts: 12
Re: No firewall log EFW 2.4-community
«
Reply #2 on:
Sunday 30 May 2010, 06:03:52 am »
same here, the firewall log is not logging anything.
(ive enabled the 'Log refused packets' tick) on the logs--->settings page.
endian-christain, any idea how to fix this ?
Logged
necromanx
Jr. Member
Offline
Posts: 4
Re: No firewall log EFW 2.4-community
«
Reply #3 on:
Monday 31 May 2010, 05:26:29 pm »
I am having the same problem.
Logged
ofernandez
Jr. Member
Offline
Posts: 1
Re: No firewall log EFW 2.4-community
«
Reply #4 on:
Monday 31 May 2010, 07:38:59 pm »
I'm the same problem.
Logged
actaris
Full Member
Offline
Gender:
Posts: 12
Re: No firewall log EFW 2.4-community
«
Reply #5 on:
Monday 31 May 2010, 08:05:30 pm »
yes, me too:
upgrade from a 2.3 box
Logged
System Administrator, Intergraph PDS Administrator,
Endian 2.4 on Intel D510M0, 2 GB RAM, CF 16 GB on Sata Adapter
Maestrale
Full Member
Offline
Posts: 11
Re: No firewall log EFW 2.4-community
«
Reply #6 on:
Monday 31 May 2010, 09:12:56 pm »
Me too from 2.3 to 2.4
Logged
schraads
Jr. Member
Offline
Posts: 4
Re: No firewall log EFW 2.4-community
«
Reply #7 on:
Tuesday 01 June 2010, 05:41:08 am »
I did a fresh install of 2.4.0 Community and I am seeing the same problem.
Over at Endian bug tracker, they are seeing that ULOG refuses to start.
When checking the firewall logs, neither the live logs nor the firewall logs display any information. The /var/log/firewall is present but shows 0 bytes.
After checking the initial configuration, this seems to be a problem with ulog. It refuses to start. I tried to start it manually and the syslog file shows the following error message:
Mon May 31 16:48:06 2010 <5> ulogd.c:372 registering plugin `NFLOG'
Mon May 31 16:48:06 2010 <5> ulogd.c:372 registering plugin `ULOG'
Mon May 31 16:48:06 2010 <5> ulogd.c:372 registering plugin `NFCT'
Mon May 31 16:48:06 2010 <5> ulogd.c:372 registering plugin `IFINDEX'
Mon May 31 16:48:06 2010 <5> ulogd.c:372 registering plugin `SYSLOG'
Mon May 31 16:48:06 2010 <5> ulogd.c:372 registering plugin `BASE'
Mon May 31 16:48:06 2010 <5> ulogd.c:372 registering plugin `PRINTPKT'
Mon May 31 16:48:06 2010 <7> ulogd.c:721 cannot find key `ip.saddr.str' in stack
Mon May 31 16:48:06 2010 <7> ulogd.c:721 cannot find key `ip.saddr.str' in stack
Mon May 31 16:48:06 2010 <8> ulogd.c:1173 not even a single working plugin stack
Logged
wavrunrx2
Full Member
Offline
Posts: 12
Re: No firewall log EFW 2.4-community
«
Reply #8 on:
Tuesday 01 June 2010, 08:13:21 am »
this is a major issue in my mind; i need to see attempts at my network.
we need a fix fast.
Logged
endian-christian
Full Member
Offline
Posts: 33
Re: No firewall log EFW 2.4-community
«
Reply #9 on:
Tuesday 01 June 2010, 06:54:55 pm »
Hello,
Thank you very much - we found the issue and created a new package.
You can try and download it here:
http://public.endian.com/christian/ulogd-2.0.0-0.endian8.i586.rpm
.
Regards,
Christian
Logged
ad.aimm
Full Member
Offline
Posts: 36
Re: No firewall log EFW 2.4-community
«
Reply #10 on:
Tuesday 01 June 2010, 09:22:34 pm »
hi,
new rpm is in conflict with the old one : ulog-2.0.0-0.endian7.i586
even with --replacepkgs , i can't install it.
any idea ?
regards,
ad.
Logged
strangetpwn
Jr. Member
Offline
Posts: 4
Re: No firewall log EFW 2.4-community
«
Reply #11 on:
Tuesday 01 June 2010, 10:54:24 pm »
Quote from: ad.aimm on Tuesday 01 June 2010, 09:22:34 pm
hi,
new rpm is in conflict with the old one : ulog-2.0.0-0.endian7.i586
even with --replacepkgs , i can't install it.
any idea ?
regards,
ad.
Try
rpm -i --force
Don't forget to reboot
Logged
endian-christian
Full Member
Offline
Posts: 33
Re: No firewall log EFW 2.4-community
«
Reply #12 on:
Wednesday 02 June 2010, 12:35:14 am »
Quote from: ad.aimm on Tuesday 01 June 2010, 09:22:34 pm
hi,
new rpm is in conflict with the old one : ulog-2.0.0-0.endian7.i586
even with --replacepkgs , i can't install it.
any idea ?
regards,
ad.
Try using smart
Code:
smart install ulogd-2.0.0-0.endian8.i586.rpm
Logged
ad.aimm
Full Member
Offline
Posts: 36
Re: No firewall log EFW 2.4-community
«
Reply #13 on:
Wednesday 02 June 2010, 03:07:50 am »
works with --force and firewall logs work too after this update
thx u
ad.
Logged
actaris
Full Member
Offline
Gender:
Posts: 12
Re: No firewall log EFW 2.4-community
«
Reply #14 on:
Wednesday 02 June 2010, 05:09:47 am »
Tnx Christian,
I downloaded the rpm, transferred with WinSCP and installed with
Code:
smart install ulogd-2.0.0-0.endian8.i586.rpm
and the firewall's log now works without reboot!
Logged
System Administrator, Intergraph PDS Administrator,
Endian 2.4 on Intel D510M0, 2 GB RAM, CF 16 GB on Sata Adapter
Pages:
[
1
]
2
« previous
next »
Jump to:
Please select a destination:
-----------------------------
Announcements
-----------------------------
=> Project News
=> Latest News and Updates
-----------------------------
Support
-----------------------------
=> General Support
=> Installation Support
=> EFW SMTP, HTTP, SIP, FTP Proxy Support
=> VPN Support
=> Hardware Support
-----------------------------
Development
-----------------------------
=> EFW Wishlist
=> Contribute Your Customisations & Modifications
Page created in 0.156 seconds with 19 queries.
Powered by SMF 1.1 RC2
|
SMF © 2001-2005, Lewis Media
Design by
7dana.com