Answer to an old question
I know this is an old thread but I recently enabled logging in Bastille and finally found where it logs.
The log entries appear in /var/log/messages
I made some iptables rule changes and wanted to verify they were working so I edited /etc/Bastille/bastille-firewall.cfg and changed LOG_FAILURES to "Y" and then restarted Bastille with /etc/init.d/bastille-firewall restart
Since I only plan to allow logging temporarily, I did not edit /root/ispconfig/isp/conf/bastille-firewall.cfg.master. As till mentioned, you have to edit this file, too if you don't want your changes to be overwritten when you reboot.
A word of warning...
Turning this on can generate LOTS of log entries in a very short period of time. I would not advise setting LOG_FAILURES="Y" and forgetting about it!
Last edited by wpwood3; 29th January 2008 at 19:47.