LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Mandriva (https://www.linuxquestions.org/questions/mandriva-30/)
-   -   Shorewall w ulog issues (https://www.linuxquestions.org/questions/mandriva-30/shorewall-w-ulog-issues-209211/)

igbe 07-24-2004 04:07 PM
Shorewall w ulog issues
 
All,

I am running Mandrake 10.0, most of everything I wanted to do with this server is setup and working well. Last night I setup ULOG so that I can move my shorewall logs out of the /var/log/messages file to /var/log/firewall.log.

It's working just fine except for one problem, the date and the time is always the same and its way wrong. System date and time check out just fine so this is not the issue. Below is a sample of the log.

Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=210.173.41.170 DST=64.169.245.77
LEN=48 TOS=00 PREC=0x00 TTL=107 ID=28536 DF PROTO=TCP SPT=3540 DPT=5554 SEQ=2983434845 ACK=0 WINDOW=65280 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=210.173.41.170 DST=64.169.245.77
LEN=48 TOS=00 PREC=0x00 TTL=107 ID=28819 DF PROTO=TCP SPT=3864 DPT=9898 SEQ=2996929655 ACK=0 WINDOW=65280 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=67.96.36.15 DST=64.169.245.77 LE
N=44 TOS=00 PREC=0x00 TTL=241 ID=41732 CE DF PROTO=TCP SPT=2182 DPT=25 SEQ=3848459542 ACK=0 WINDOW=24820 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=67.96.36.15 DST=64.169.245.77 LE
N=44 TOS=00 PREC=0x00 TTL=241 ID=42285 CE DF PROTO=TCP SPT=2182 DPT=25 SEQ=3848459542 ACK=0 WINDOW=24820 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=67.96.36.15 DST=64.169.245.77 LE
N=44 TOS=00 PREC=0x00 TTL=241 ID=44584 CE DF PROTO=TCP SPT=2182 DPT=25 SEQ=3848459542 ACK=0 WINDOW=24820 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=219.150.118.21 DST=64.169.245.77
LEN=1109 TOS=00 PREC=0x00 TTL=109 ID=147 PROTO=UDP SPT=25990 DPT=1026 LEN=1089
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=67.96.36.15 DST=64.169.245.77 LE
N=44 TOS=00 PREC=0x00 TTL=241 ID=48965 CE DF PROTO=TCP SPT=2182 DPT=25 SEQ=3848459542 ACK=0 WINDOW=24820 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=67.96.36.15 DST=64.169.245.77 LE
N=44 TOS=00 PREC=0x00 TTL=241 ID=54911 CE DF PROTO=TCP SPT=2182 DPT=25 SEQ=3848459542 ACK=0 WINDOW=24820 SYN URGP=0
Jan 27 19:45:16 ns1 Shorewall:net2fw:ACCEPT: IN=eth0 OUT= MAC=00:50:da:16:c6:9e:00:00:c5:84:a0:30:08:00 SRC=68.7.110.190 DST=64.169.245.77
LEN=48 TOS=00 PREC=0x00 TTL=111 ID=2373 DF PROTO=TCP SPT=1208 DPT=22 SEQ=2446969396 ACK=0 WINDOW=64240 SYN URGP=0

All the other log files are working just fine so I suspect its an option or an issue with some flag or something, can someone please point me in the right direction?

John


All times are GMT -5. The time now is 07:49 AM.