gb-users mailing list archive

Log messages missing

To: "gb-users_at_gta_dot_com" <gb-users_at_gta_dot_com>
Subject: Log messages missing
From: Mark Burton <mburton_ais_at_qlo_dot_com>
Date: Wed, 15 Mar 2000 13:36:28 -0600

I have been trying to configure my logs to catch everything going on in the
Gnatbox. Normal messages are being logged to my unix system like:
    tunnel opens and closes
    WWW access
    WWWadmin access
    Illegal forward attempts

But when I activate the email alert summary, the emails show packets
being rejected. For example, I have one person who was trying to get
audio from the net, and I get these packets:

   ALARM NO: 2
   DATE: Wednesday, Mar 15, 2000
   TIME: 10:24:48
   INTERFACE: EXT (de0)
   ALARM TYPE: Block
   IP PACKET: UDP  [205.188.246.71/9767]-->[xxx.xxx.xxx.xxx/6970]  l=619

DETAILED DESCRIPTION:
        IP packet was rejected.

The Gnatbox is rejecting packets as it is supposed to, but no matching
message appears in the log. I can see "alarm: WARNING: email not
enabled" if the email config is not turned on. If it is turned on, I get
"alarm: Alarms successfully queued".
There should be some message in the logs that says "rejected". The log
facility needs to be the central point for all messages, as I do not
want to have to look through different places to find all the pertinent
messages when looking at problems, etc.

My default logging options are: ALL and RECEIVED.
I have the send email alarms activated.
All the rules have logging enabled through DEFAULT (and also tried
changing some to YES just in case).
My remote logging options are:
    Filter facility: local1
    NAT facility: local0
    WWW facility: local2
    Priority to log tunnel opens: 3 error
    Priority to log tunnel closes: 3 error
    Priority to WWW pages accessed: 3 error
The syslog daemon on my unix is set to pick up anything for the facility
using the * (which would include local0,1,2).
I have tested with the syslog daemon level parm at all levels, but
it is normally "err" which corresponds to the priorities above.

Does the Gnatbox log every message? Are there any configuration options I
have missed?


--
Mark Burton
Technical Analyst
SaskTel - AIS
3rd Floor, 1919 Rose St.
Regina, SK  S4P 3Y2
(306) 777-4049
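
One way to check the gap described in the message, as an added example that is not part of the original post or the vendor's software: parse the alarm e-mail blocks and report those with no syslog line mentioning the same packet. The sample addresses and the syslog line layout are constructed, since the page does not show the firewall's log format.

```python
import re

# Field layout of the alarm e-mail quoted in the message above. Addresses are
# matched loosely so a redacted value such as xxx.xxx.xxx.xxx still parses.
ALARM_RE = re.compile(
    r"ALARM NO:\s*(?P<no>\d+)\s+DATE:\s*(?P<date>[^\n]+?)\s+"
    r"TIME:\s*(?P<time>\d\d:\d\d:\d\d)\s+INTERFACE:\s*(?P<iface>[^\n]+?)\s+"
    r"ALARM TYPE:\s*(?P<type>\w+)\s+IP PACKET:\s*(?P<proto>\w+)\s+"
    r"\[(?P<src>[^/\]]+)/(?P<sport>\d+)\]-->\[(?P<dst>[^/\]]+)/(?P<dport>\d+)\]"
)

def parse_alarms(mail_text):
    """Return one dict per alarm block found in an alarm summary e-mail."""
    return [m.groupdict() for m in ALARM_RE.finditer(mail_text)]

def unlogged_alarms(alarms, syslog_lines):
    """Return the alarms for which no syslog line mentions the same packet."""
    # Assumption: the log line format is unknown, so a line matches when it
    # holds the ports and any unredacted addresses as whole tokens.
    token_sets = [set(re.split(r"[^\w.]+", line)) for line in syslog_lines]
    missing = []
    for alarm in alarms:
        wanted = {alarm["sport"], alarm["dport"]}
        wanted |= {a for a in (alarm["src"], alarm["dst"]) if re.search(r"\d", a)}
        if not any(wanted <= tokens for tokens in token_sets):
            missing.append(alarm)
    return missing
# Constructed sample data (documentation addresses, invented log line layout).
SAMPLE_MAIL = """\
   ALARM NO: 2
   DATE: Wednesday, Mar 15, 2000
   TIME: 10:24:48
   INTERFACE: EXT (de0)
   ALARM TYPE: Block
   IP PACKET: UDP  [198.51.100.7/9767]-->[192.0.2.10/6970]  l=619

   ALARM NO: 3
   DATE: Wednesday, Mar 15, 2000
   TIME: 10:25:02
   INTERFACE: EXT (de0)
   ALARM TYPE: Block
   IP PACKET: UDP  [198.51.100.7/9768]-->[xxx.xxx.xxx.xxx/6971]  l=619
"""
SAMPLE_SYSLOG = [
    "Mar 15 10:24:48 fw filter: rejected UDP 198.51.100.7/9767 -> 192.0.2.10/6970",
    "Mar 15 10:25:00 fw alarm: Alarms successfully queued",
]
if __name__ == "__main__":
    print([a["no"] for a in unlogged_alarms(parse_alarms(SAMPLE_MAIL), SAMPLE_SYSLOG)])
```

Run against a saved alarm summary and the collected syslog file, any alarm it returns is a blocked packet that reached the mailbox but not the central log.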


Global Technology Associates, Inc