Having just bumped into your ClearOS guides, I've noticed a probable error in the IPSec guide here. To me most of the interesting logs go into /var/log/secure and not messages.
FWIW, I'd like to see a change to the logging and have proposed to Tim:
FWIW, I'd like to see a change to the logging and have proposed to Tim:
I would love to see logging go into a separate file. I have a patch supplied to me to do this in 2.6.38 but each time you restart ipsec, the log file restarts which is not ideal. I now have a better solution as I've tried playing around with rsyslog in 6.x (not available in 5.2 which uses syslog). I've added a file /etc/rsyslog.d/openswan.conf with the following contents:
# Reference = http://wiki.rsyslog.com/index.php/Filtering_by_program_name
if $programname == 'pluto' then -/var/log/openswan
& ~
And I've created a logrotate function /etc/logrotate.d/openswan:
# rotate the Openswan log
/var/log/openswan {
# size 10k
notifempty
missingok
weekly
copytruncate
create 0664 root root
rotate 4
}
Now most of the Openswan logs go to /var/log/openswan rather than /var/log/secure. The exception is for a few start up lines where the kernel logs the messages instead of pluto.
Share this post:
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »