Project

General

Profile

Bug #5242

IPsec debug log settings not applied after stop/start or restart

Added by Chris Buechler about 4 years ago. Updated about 4 years ago.

Status:
Resolved
Priority:
High
Category:
IPsec
Target version:
Start date:
10/02/2015
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.2.x
Affected Architecture:

Description

Debug log levels after a stop/start or restart rely on charondebug in ipsec.conf. But:
"Logger configurations in strongswan.conf have a higher priority than charondebug in ipsec.conf: If you define any loggers in strongswan.conf, charondebug does not have any effect at all."
https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration

the debug log levels must be specified in strongswan.conf rather than as charondebug.

Associated revisions

Revision 54a52757 (diff)
Added by Chris Buechler about 4 years ago

Fix up strongswan logging levels. Remove charondebug since strongswan.conf settings take precedence. Set logging levels in strongswan.conf to match what's set on a running system via 'ipsec stroke loglevel', and remove log levels that were hard coded in strongswan.conf. Ticket #5242

Revision 31630f47 (diff)
Added by Chris Buechler about 4 years ago

Fix up strongswan logging levels. Remove charondebug since strongswan.conf settings take precedence. Set logging levels in strongswan.conf to match what's set on a running system via 'ipsec stroke loglevel', and remove log levels that were hard coded in strongswan.conf. Ticket #5242

Revision 6d134679 (diff)
Added by Chris Buechler about 4 years ago

only use daemon and not auth for strongswan logging. As it was, all logs were duplicated. Ticket #5242

Revision a6ee1b41 (diff)
Added by Chris Buechler about 4 years ago

only use daemon and not auth for strongswan logging. As it was, all logs were duplicated. Ticket #5242

Revision cce44072 (diff)
Added by Chris Buechler about 4 years ago

Disable strongswan logging under auth since it's all logged under daemon,
so nothing is duplicated. Ticket #5242

Revision ebd73e24 (diff)
Added by Chris Buechler about 4 years ago

Disable strongswan logging under auth since it's all logged under daemon,
so nothing is duplicated. Ticket #5242

History

#1 Updated by Chris Buechler about 4 years ago

  • Status changed from Confirmed to Feedback

should be fixed, leaving for review.

#2 Updated by Chris Buechler about 4 years ago

  • Assignee set to Chris Buechler

#3 Updated by Chris Buechler about 4 years ago

this seems to be fine, works on 2.2.5 and 2.3 after reboot and a stop/start. Asked mgsmith to double check.

#4 Updated by Chris Buechler about 4 years ago

  • Status changed from Feedback to Confirmed

still has some duplication of logs, looks like auth levels need to be set to silent.

#5 Updated by Chris Buechler about 4 years ago

  • Status changed from Confirmed to Feedback

log duplication fixed

#6 Updated by Chris Buechler about 4 years ago

  • Status changed from Feedback to Resolved

fixed

Also available in: Atom PDF