looks like they have changed something in the parameters of the target LOG in iptables. Try to open man page for iptables and look for the description of the target "LOG". Does it have parameter --log-prefix ?


On Sat, Nov 10, 2012 at 9:12 AM, rbsf <pgngw+rbsf+sourceforge.net@f-m.fm> wrote:

I've been running an FWBuilder-generated script on an Opensuse servers,
<= v 12.1, with no problems.

Logging was working as expected. LogLabels I defined showed up
correctly.  ACCEPT & DENY actions showed up in my logs as I defined

Recently, I upgraded my server to Opensuse 12.2.

Since then, the firewall still loads/works, but logging has stopped
working as expected.

In /var/log/firewall, I now see all entries in this format

Nov 10 06:25:20 core kernel: --log-prefIN=eth0 OUT= MAC=6c:...:00
SRC= DST=yy.yy.yy.144 LEN=128 TOS=0x00 PREC=0x00 TTL=58
Nov 10 06:25:28 core kernel: --log-prefIN=eth1 OUT=eth0 MAC=00:...:00
SRC=xx.xx.xx.18 DST= LEN=30 TOS=0x18 PREC=0x00 TTL=253
ID=48011 PROTO=UDP SPT=5060 DPT=5060 LEN=10
Nov 10 06:25:37 core kernel: --log-prefIN=eth1 OUT= MAC=00:...:00
SRC=xx.xx.xx.18 DST=xx.xx.xx.100 LEN=61 TOS=0x00 PREC=0x00 TTL=254
ID=48012 PROTO=UDP SPT=54414 DPT=53 LEN=41
Nov 10 06:25:37 core kernel: --log-prefIN= OUT=eth0 SRC=yy.yy.yy.144
DST= LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=36301 PROTO=UDP
SPT=60777 DPT=53 LEN=52
Nov 10 06:25:37 core kernel: --log-prefIN= OUT=eth0 SRC=yy.yy.yy.144
DST= LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=18865 PROTO=UDP
SPT=5082 DPT=53 LEN=52

My defined log-prefix label are not showing at all anymore. Neither are
any actions that I defined in those prefixes.  Log "ON" or "OFF" toggles
in rules are no longer respected.

Note the appearance of the "kernel:" which was NOT there before, and the
truncated "--log-pref".

I'm digging, but haven't found any obvious cause/solution -- yet.

Any pointers on how/where to troubleshoot this?


Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
Fwbuilder-discussion mailing list