LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Mandriva
User Name
Password
Mandriva This Forum is for the discussion of Mandriva (Mandrake) Linux.

Notices

Reply
 
Search this Thread
Old 07-24-2004, 04:07 PM   #1
igbe
LQ Newbie
 
Registered: Jul 2004
Location: San Diego, CA
Posts: 6

Rep: Reputation: 0
Shorewall w ulog issues


All,

I am running Mandrake 10.0, most of everything I wanted to do with this server is setup and working well. Last night I setup ULOG so that I can move my shorewall logs out of the /var/log/messages file to /var/log/firewall.log.

It's working just fine except for one problem, the date and the time is always the same and its way wrong. System date and time check out just fine so this is not the issue. Below is a sample of the log.

Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=210.173.41.170 DST=64.169.245.77
LEN=48 TOS=00 PREC=0x00 TTL=107 ID=28536 DF PROTO=TCP SPT=3540 DPT=5554 SEQ=2983434845 ACK=0 WINDOW=65280 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=210.173.41.170 DST=64.169.245.77
LEN=48 TOS=00 PREC=0x00 TTL=107 ID=28819 DF PROTO=TCP SPT=3864 DPT=9898 SEQ=2996929655 ACK=0 WINDOW=65280 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=67.96.36.15 DST=64.169.245.77 LE
N=44 TOS=00 PREC=0x00 TTL=241 ID=41732 CE DF PROTO=TCP SPT=2182 DPT=25 SEQ=3848459542 ACK=0 WINDOW=24820 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=67.96.36.15 DST=64.169.245.77 LE
N=44 TOS=00 PREC=0x00 TTL=241 ID=42285 CE DF PROTO=TCP SPT=2182 DPT=25 SEQ=3848459542 ACK=0 WINDOW=24820 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=67.96.36.15 DST=64.169.245.77 LE
N=44 TOS=00 PREC=0x00 TTL=241 ID=44584 CE DF PROTO=TCP SPT=2182 DPT=25 SEQ=3848459542 ACK=0 WINDOW=24820 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=219.150.118.21 DST=64.169.245.77
LEN=1109 TOS=00 PREC=0x00 TTL=109 ID=147 PROTO=UDP SPT=25990 DPT=1026 LEN=1089
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=67.96.36.15 DST=64.169.245.77 LE
N=44 TOS=00 PREC=0x00 TTL=241 ID=48965 CE DF PROTO=TCP SPT=2182 DPT=25 SEQ=3848459542 ACK=0 WINDOW=24820 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=67.96.36.15 DST=64.169.245.77 LE
N=44 TOS=00 PREC=0x00 TTL=241 ID=54911 CE DF PROTO=TCP SPT=2182 DPT=25 SEQ=3848459542 ACK=0 WINDOW=24820 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2fw:ACCEPT: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=68.7.110.190 DST=64.169.245.77
LEN=48 TOS=00 PREC=0x00 TTL=111 ID=2373 DF PROTO=TCP SPT=1208 DPT=22 SEQ=2446969396 ACK=0 WINDOW=64240 SYN URGP=0

All the other log files are working just fine so I suspect its an option or an issue with some flag or something, can someone please point me in the right direction?

John
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Shorewall Routing Internet access issues Raidmax Linux - Newbie 0 11-15-2005 07:29 PM
Shorewall with ulog for logging to a diffrent file igbe Linux - Software 0 07-24-2004 04:06 PM
ulog netfilter and redhat 8.0 davejunkie Linux - Networking 0 03-23-2004 04:04 PM
Is ULOG supported on the Redhat 2.4.18-20 kernel ? I not how can I enable it? DJCW Red Hat 0 02-04-2004 06:48 PM
Shorewall issues on Mandrake 9.1 DesertWolf0132 Linux - Software 2 10-14-2003 10:40 PM


All times are GMT -5. The time now is 05:10 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration