Manualshelf

R3166-R3206-HP High-End Firewalls System Management and Maintenance Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
61626364656667686970
61
Figure 19 Network diagram for outputting log information to a UNIX log host
Configuration procedure
Before the configuration, make sure that there is a route between Firewall and PC.
Step1 Configure Firewall
# Enable information center.
<Sysname> system-view
[Sysname] info-center enable
# Specify the host with IP address 1.2.0.1/16 as the log host, use channel loghost to output log
information (optional, loghost by default), and use local4 as the logging facility.
[Sysname] info-center loghost 1.2.0.1 channel loghost facility local4
# Disable the output of log, trap, and debugging information of all modules on channel loghost.
[Sysname] info-center source default channel loghost debug state off log state off trap
state off
CAUTION:
A
s the default system confi
g
urations for different channels are different, you need to disable the output of
log, trap, and debugging information of all modules on the specified channel (loghost in this example)
first and then configure the output rule as needed so that unnecessary information will not be output.
# Configure the information output rule: allow log information of ARP and IP modules with severity equal
to or higher than informational to be output to the log host. (Note that the source modules allowed to
output information depend on the device model.)
[Sysname] info-center source arp channel loghost log level informational state on
[Sysname] info-center source ip channel loghost log level informational state on
Step2 Configure the log host
The following configurations were performed on SunOS 4.0 which has similar configurations to the UNIX
operating systems implemented by other vendors.
Step3 Log in to the log host as a root user.
Step4 Create a subdirectory named Firewall under directory /var/log/, and create file info.log under the
Firewall directory to save logs of Firewall.
# mkdir /var/log/Firewall
# touch /var/log/Firewall/info.log
Step5 Edit file /etc/syslog.conf and add the following contents.
# Firewall configuration messages
local4.info /var/log/Firewall/info.log
In the above configuration, local4 is the name of the logging facility used by the log host to receive logs.
info is the information level. The UNIX system will record the log information with severity level equal to
or higher than informational to file /var/log/Firewall/info.log.