OpenSUSE Network :: Stop Firewall From Writting Logs To /var/log/messages?
Jul 19, 2011
I'm running OpenSUSE 11.4. The problem is that I can set easily what to log (for firewall), but not where to log. And currently the same logs are written to /var/log/firewall and /var/log/messages. I still want messages be written into the first one, but not the second one — it is redundant and it is polluting regular system logs.So how to stop the firewall from writting logs to /var/log/messages?
View 5 Replies
ADVERTISEMENT
Mar 25, 2011
I suspect this is an initial configuration bug. All firewall logs seem to be going to all
three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.
View 9 Replies
View Related
Sep 14, 2011
I have been running Senmail on SuSE 11.1 for the last few years with no problems.Since installing SuSE 11.3 a few months ago I have been having problems getting Sendmail to send to some (only a few) servers.If I disable the firewall # SuSEFirewall2 stop.I can send successfully using # sendmail -v -q, or # sendmail -v -qIxxxxx.When I re-enable the firewall I will start to get the timeouts/temporarily unavailable messages again (but as mentioned above, only for some servers) even though I can successfully telnet these servers when the firewall is on. When I disable the firewall the delayed messages can again be sent.Has anybody any ideas what I need to change (presumably in the Firewall) to get things working correctly? 'SMTP with sendmail' is already selected under 'Services to Allow' under YaST Firewall->Allowed Services..
View 4 Replies
View Related
Mar 23, 2010
In the firewall, I opened port 5900 for TCP traffic. Now the console is displaying packet information whenever a connection is made. Why does it send a message to stdout/stderr for an allowed connection? How can I stop it? Logging level is set to critical only, and not-accepted packets should only be logged for the internal and DMZ zones.
View 1 Replies
View Related
May 30, 2009
More than 7 G bytes were logged to the messages file last three weeks I got this message in /var/log/messages I want to stop this messaging cause it takes to much space
Quote:
Apr 30 20:25:18 TEST-NODE kernel: IPT: IN_NOMATCH IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:17:a4:a7:3d:a2:08:00 SRC=172.26.16.27 DST=172.26.16.255 LEN=104 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=10100 DPT=10100 LEN=84
[code]...
View 7 Replies
View Related
Jan 3, 2011
I have configured my Cisco ASa Firewall to send its logs to my ubuntu server in /var/log/cisco/ I see the logfiles populating in real time, but i can also see all the logs are also wtitten to /var/log/messages. How can i make sure i do not have a log redundancy? I dont want my firewall logs displayed in messages since there are now sent to /var/log/cisco.
View 1 Replies
View Related
Apr 7, 2011
I want some advice for making my system more secure. I want deactivate any network connection that is unnecessary. Only my browser and the update ability of zypper should have access to the internet. On windows there are personal firewalls.
How can I block internetaccess for all other programmes on openSUSE?
View 8 Replies
View Related
Jul 26, 2010
Samba is working correctly if Susefirewall2 is off. I have added Samba client and Samba Services for extern access but samba is not working when firewall is now on. Which services should I also add ?
View 1 Replies
View Related
May 4, 2010
I have configured my Cisco firewall to redirect all its logs to my Ubuntu 9.1 server (no UI.)
Now, my /var/log/messages is getting all the firewall logs + all other logs.
I'm wondering if there is a way to redirect the logs from my Cisco Firewall (coming from UDP port 514) to another file.
View 2 Replies
View Related
Mar 8, 2010
I have a batch job which logs in to the server every 10 minutes via windows rsh. The job checks to see is there are any files that need to be send via a EDI serverto a supplier.The following logwatch report is swamped with the login messages and would like to either suppress the logging in PAM? or suppress the entry in the logwatch report?But I still want logging id the username is not username1.Connections (secure-log) Begin rshd[1754]: pam_rhosts_auth(rsh:auth): allowed to username1@10.0.0.1 as myedi
View 2 Replies
View Related
Nov 8, 2010
I'm wondering why I keep getting the following in /var/log/messages on a system running the latest CentOS 5 64 bit kernel:
Nov 8 09:50:24 hostname kernel: myri10ge: eth2: link down
Nov 8 09:50:24 hostname kernel: myri10ge: eth2: link up
Nov 8 09:50:34 hostname kernel: myri10ge: eth2: link down
[Code]....
View 5 Replies
View Related
Apr 5, 2011
In an effort to learn more about firewalls and iptables I have left behind gui set-up tools and have setup a firewall using iptables that logs to its own file. The firewall is as follows:
Code:
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:TCP - [0:0]
[Code]...
View 8 Replies
View Related
Jan 17, 2010
Currently Im having a syslog server that consolidate firewall logs on port 514 udp. Im also having a IDS device that I wish to push its logs to this particular syslog server so that I can retrieve my IDS logs on this server as well.
Is it possible to do so?Having syslog listening on port 514 for both firewall and IDS logs? If it is possible will the logs be recorded in a single log file?Or will it be recorded in a separate log file ie. firewall.log, IDS.log etc?? I wish to have them in separate individual log files or else there will be hard time segregating the log entries in a single file. Can anyone advice on how to achieve this??
View 2 Replies
View Related
Jul 25, 2011
I have a problem with trying to connect to VPN over linux. From OSX and Windows the VPN connection goes through fine. It was working flawlessly, for the last one month I never used the laptop or the VPN, however after booting recently 1 week ago the VPN always show as timedout. Some details about the vpn / pptp connection details:
[Code]....
View 8 Replies
View Related
Aug 12, 2011
I'm putting a opensuse 11.4 64 bit KDE install on an HP -G62 laptop.
I also use an NFS network.
I want to use a wireless network.
The problem is that network manager keeps insisting on asking kwallet for permission to start up the network. As a consequence boot hangs because the nfs network can't find the files in /etc/fstab because the network can't start because you can't see kwallet until it finishes booting.
I have options set in networkmanager to store the password in connection secrets in secure storage, and it insists on asking kwallet!
I don't want to get rid of kwallet because it's very useful otherwise - just not at boot time?
How do I modify the behaviour shown here?
View 1 Replies
View Related
Jul 23, 2011
Well it turns out my system has logged out more then once on its own. I had the system updated and upgraded from 7-3-11 and it did this about once a week. On 7-18-11 I did a full update and upgrade and it logged out a few times in a couple of hours. It does it while I am away and the system is in screen saver mode. I used my partition clone and restored the system back to 7-3-11. Has any one else ever had such an issue?
View 2 Replies
View Related
Mar 29, 2010
I am trying to add a custom allow rule in the firewall for a range of IPs from 74.201.102.0 - 74.201.103.255, what exactly am I supposed to enter in the source box? I believe I have to add two separate rules for 102 and 103, and I put /24 at the end of both, is this correct to get the whole range of IPs?
View 3 Replies
View Related
May 25, 2011
1. Under openSUSE 11.2, I allowed printer sharing through CUPS by setting the Firewall to Allow Services of CUPS in the External Zone section. I don't see the CUPS option in the Allow Services of the Firewall under 11.4, any zone. Is my system missing something?2. If I turn off the Firewall, the client computer can see the printers, even get the broadcasted names. If I put port 631 in TCP of the Advanced setting of the External Zone, the client computer can see the printer too, but I know I read somewhere that putting 631 in the External Zone is basically allowing printer requests from the entire internet.
View 2 Replies
View Related
Jun 24, 2010
I've got a strange sendmail problem I've never come across before...Messages less that 2500 lines (approx 169kb) are sent correctly - anything else goes straight into the queue and is never delivered. The server sits in a intranet, is not connected to the outside world, and forwards its mail to a smart host.All configuration has been done through yast, so there are no unusual settings. I've run sendmail on SuSE from version 6 upwards, and this is the first time I've come across this - it's driving me potty
View 4 Replies
View Related
Mar 29, 2010
switched recently to 11.2 and it works fine for me as workstation I want to set up a router separating a part of the network and also acting as a firewall/proxy... Configured 2 Ethernet Interfaces, checked Ip forwarding in Yast but it does not forward the packets from the "internal" to the "external" network. Hovewer after I set up my router as default for machines on internal network I can ping the external interface but no adress on external network (particularly the one of the default router) !!! From the router I can reach both networks and the net via default gateway on external. Tried to:
a) switch firewall completely off
b) iptables -P FORWARD ACCEPT
c) masquarading internal adresses to the external network
my interfaces configuration looks like:
eth0 Link encap:Ethernet HWaddr 00:13:D4:E3:A2:7B
inet addr:192.168.1.34 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::213:d4ff:fee3:a27b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
[Code].....
View 4 Replies
View Related
May 19, 2010
We have reason to ask this of you following some strange firewall behaviour - But don't panic If you use openSUSE 11.2 and you think: Your Firewall should be running You are not sure but think it should be check and report back here.
This is how to check:
Go to Yast > Security and Users > Firewall
View 9 Replies
View Related
May 27, 2010
I did a shields up test and it told me that 1056 ports were stealth but that my pc responded to ping and was visible on the net. How do i fix this?
View 4 Replies
View Related
Jul 13, 2010
I can't get my openvpn work if the firewall is on , and I also don't see any option to allow openvpn service in firewall allow service.
View 1 Replies
View Related
Jul 24, 2010
I'm trying to get OpenMPI (a parallel programming library) working on my home system. I have just two machines on it now, t61 and quad, connected through a router. (Which is also connected to cable modem for internet.) I can ssh between the machnes, mount directories with NFS, etc. However, I just can't get the OpenMPI to run. The OpenMPI message board suggested that the most probable cause is that the firewall is blocking TCP. I don't know how to tell if that's the problem, and can't find any manual for the SuSE firewall, while the various Wikis &c that pop up in a search don't provide any information that addresses my problem.
View 9 Replies
View Related
Aug 19, 2010
Ok here's my setup :
SuSE 10.0 X86 32 acting as my internet gateway and firewall.
eth0 is my internal interface network 192.168.0.0/24 IP 192.168.0.254 dsl0 is my internet connection and is a single ip PtP connection to my ISP.
My internal network is masquaraded onto the external network.
I run an smtp server on my gateway box that I need to be accessable to both the internal and external networks.
However I want to prevent machines on the internal network from establishing connections to external smtp servers, but still alow them to connect to the smtp server on the gateway to send email.
NOTE I do not want to force attempts to connect to [URL] 25 to be re-directed to my internal server I just want to drop or reject the connection.
The firewall up until now has just been configured through YaST, but am not afraid to edit script files if needed
The reason for doing this it to prevent spambots from being able to send through my isp, I keep my own machines clean but sometimes get asked to disinfect machines for other people (family members etc), where I need to connect to the outside world to get updates/virus defs etc, but don't want them spamming from my network.
View 2 Replies
View Related
Aug 26, 2010
can I deny the access to my server for a specific OS? I have one PC which I want to give it acces from winxp, but if it's boot into ubuntu I want to deny all access to my server, same IP, same ethernet card
View 8 Replies
View Related
Sep 8, 2010
I've setup vnc over ssh tunnelling however the Suse firewall seems to be blocking it. On the local host I have this in ~/.ssh/config:LocalForward localhost:5900 remotehost.com:5900 The problem is that this only works when I either disable the firewall or add an exception for VNC. Both of these actions defeat the whole purpose of ssh tunnelling since they leave my VNC port open to the outside world (very insecure).
View 2 Replies
View Related
Oct 22, 2010
I'm in the situation where I'm trying to create 2 private networks using ESX server, all behind a NAT router (static ips are used). I used an openSuse11 vm as a router and was able to configure it so that a machine on one private network was able to access the public network. The problem I have now it that I need to be able to access a machine on the private network from the public network using a different set of IP's.
So if a machine in the private network has an IP of 10.1.0.222 I should be able to ping it using 10.99.0.222 or some other IP. I have never done this before and after reading up on iptables and linux routing I feel more confused than before. Is it possible to add IPs to eth0 (public) and have them mapped to machines on a private network eth1 or eth
View 3 Replies
View Related
Mar 5, 2011
I'm looking forward to the release of openSUSE 11.4, which I'm looking to install as an Internet facing gateway on a mini-ITX machine with 2 Ethernet cards. As such I've been reading up on the YaST Firewall trying to find out to configure it, and there's one thing I'd like to be able to do: 'stealth' all the firewall ports.
In other words, if someone were to hypothetically do a port scan of my external IP address, I would rather they not know whether any of the ports on my gateway are open or closed, so instead of replying with the status of those ports the packets get dropped. I've been able to do this with a product called Astaro Security Gateway, which I currently have installed on a second hand Dell Optiplex machine, but I am now looking into the possibility of installing this as a virtual machine inside an openSUSE 11.4 host (extra level of security) and would like the same functionality for the host OS.
View 9 Replies
View Related
Mar 11, 2011
How I can refuse an outgoing connection on opensuse firewall by default outbound policy is permissive, and the p2p I explicitly deny an outgoing, according to protocol, remote port and local port.
But I can add rules as how to run opensuse firewall rules are permissive only for inbound traffic and so I can not specifically deny an outgoing connection.
Before using fwbuilder is very powerful and configurable but now I'm with suse for convenience but want to know if you can do what I want, if not I will have to use fwbuilder.
View 5 Replies
View Related
