Packet Logging

IPSec on OS/2 Warp Server supports packet logging.

To configure packet logging, complete the following 5 steps.

  1. Create the following file:


    This is the firewall log configuration file, where the level of packet logging is defined.
    The file contains a single line, of the form:


    where the value parameter can be one of the following:

    10(Debug -All messages are logged)
    20(Informational -Information, warning, error and alert messages are logged)
    30(Warning -Warning, error and alert messages are logged)
    40(Errors -Error and alert messages are logged)
    50(Alert -Only alert messages are logged)

    so to log all packets, enter the line:


  2. Open an OS/2 window and type the following command:


    This runs the packet filter syslog daemon. A log file with today's date will be created in \MPTN\ETC. For example:


    would be the name of the file created on the 24th of August. The file will now be open.

  3. Open \MPTN\ETC\SECURITY\FWFILTRS.CNF in an editor and add:


    to the end of any rules that need to be logged.

  4. Open another OS/2 window (you will need to, as fssd will still be running) and type:

    cfgfilt -u -d

    This updates the filter rules and enables packet logging. You should notice this being added to the log file in the other window.

  5. To view the log file, change to the \MPTN\ETC directory and type:

    fwlslog file=(filename)

    where the filename parameter is the name of the log file. This is the only way to access the log file while it is still running.

    So to continue the example from above, type:

    fwlslog file=fw0824

blustar image Any packets that match the rules with logging enabled will now be logged.
(Default = denied packets are logged, permitted packets are not logged)