Create the following file:
\MPTN\ETC\FWLOG.CNF
This is the firewall log configuration file, where the level of packet logging is defined.
The file contains a single line, of the form:
level=(value)
where the value
parameter can be one of the following:
10
(Debug
-
All messages are logged)
20
(Informational
-
Information, warning, error and alert messages are logged)
30 (Warning
- Warning, error and alert messages are logged)
40 | (Errors
- Error and alert messages are logged)
50 | (Alert
- Only alert messages are logged)
so to log all packets, enter the line:
level=10
Open an OS/2 window and type the following command:
fssd
This runs the packet filter syslog daemon. A log file with today's date will
be created in \MPTN\ETC. For example:
fw0824
would be the name of the file created on the 24th of August. The file will now be open.
Open \MPTN\ETC\SECURITY\FWFILTRS.CNF in an editor and add:
l=y
to the end of any rules that need to be logged.
Open another OS/2 window (you will need to, as fssd
will still be running) and type:
cfgfilt -u -d
This updates the filter rules and enables packet logging. You should notice
this being added to the log file in the other window.
To view the log file, change to the \MPTN\ETC directory and type:
fwlslog file=(filename)
where the filename parameter is the name of the log file.
This is the only way to access the log file while it is still running.
So to continue the example from above, type:
fwlslog file=fw0824

Any packets that match the rules with logging enabled will now be logged.
(Default = denied packets are logged, permitted packets are not logged)
|