在etc/strongswan.conf文件中,添加如下的filelog
charon {
install_routes = no
load_modular = yes
plugins {
include strongswan.d/charon/*.conf
}
filelog {
charon {
# path to the log file, specify this as section name in versions prior to 5.7.0
path = /var/log/charon.log
# add a timestamp prefix
time_format = %b %e %T
# prepend connection name, simplifies grepping
ike_name = yes
# overwrite existing files
append = no
# increase default loglevel for all daemon subsystems
default = 4
# flush each line to disk
flush_line = yes
}
stderr {
# more detailed loglevel for a specific subsystem, overriding the
# default loglevel.
ike = 2
knl = 3
}
}
}
配置的strongswan的日志的格式
default = 2:
定义的是日志的级别,默认日志级别为:-1,0,1,2,3,4,-1是完全没有日志,
0只告诉你建立连接,连接关闭;
1只输出错误提示,
2会输出错误,警告和调试信息;
3会把连接传输的数据也打印;
4则会把密钥内容这些敏感数据也打印。
一般情况下,1或2都可以
append = no:
是相当你重启strogswan后,是按上次日志写,还是新建一个日志。
因为strogswan的日志太多了,所以用no flush_line = yes:
每产生一行日志,就写入到磁盘一次,防止突然断电,磁盘缓存数据丢失。
阅读(9807) | 评论(0) | 转发(0) |
