nac*_*rin 1 ubuntu ufw ubuntu-16.04
UFW 未登录任何位置。
ufw配置:
root@localhost:/var/log# ufw status verbose
Status: active
Logging: on (full)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To Action From
-- ------ ----
2022/tcp ALLOW IN Anywhere
80 ALLOW IN Anywhere
2022/tcp (v6) ALLOW IN Anywhere (v6)
80 (v6) ALLOW IN Anywhere (v6)
root@localhost:/var/log#
rsyslog 配置:
root@localhost:/var/log# service rsyslog status
? rsyslog.service - System Logging Service
Loaded: loaded (/lib/systemd/system/rsyslog.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2017-02-21 18:43:33 CET; 5min ago
Docs: man:rsyslogd(8)
http://www.rsyslog.com/doc/
Main PID: 283 (rsyslogd)
CGroup: /system.slice/rsyslog.service
??283 /usr/sbin/rsyslogd -n
Feb 21 18:43:33 localhost systemd[1]: Starting System Logging Service...
Feb 21 18:43:33 localhost systemd[1]: Started System Logging Service.
root@localhost:/var/log#
root@localhost:/var/log# cat /etc/rsyslog.d/20-ufw.conf
# Log kernel generated UFW log messages to file
:msg,contains,"[UFW " /var/log/ufw.log
# Uncomment the following to stop logging anything that matches the last rule.
# Doing this will stop logging kernel generated UFW log messages to the file
# normally containing kern.* messages (eg, /var/log/kern.log)
#& stop
没有 /var/log/ufw.log 文件,也没有在 /var/log/syslog 和 /var/log/kern.log 中提到 UFW(最后一个不存在)
为什么UFW不记录?
解决方案位于:https : //superuser.com/questions/803996/no-kernel-messages-are-logged-to-kern-log
编辑/etc/rsyslog.conf和取消注释行:
module(load="imklog") # provides kernel logging support
然后, sudo service rsyslog restart
| 归档时间: |
|
| 查看次数: |
4423 次 |
| 最近记录: |