I hope someone answers this ... as I have the same issue on a RH 7.3
server system.  I know the firewall is working as port forwarding that I
have set up in iptables is working just fine to machines behind the
firewall ... but ... NOTHING in the logs to speak of ... 

sorry I can not answer the question ... but you are not alone.

Randy

On Tue, 2007-03-20 at 15:57 -0500, Steve Linabery wrote:
> Hi,
> 
> I have a machine running CentOS 4.4. Pretty much a stock server install; I've done my usual checklist of things to turn off (isdn, portmap, nfs stuff, etc).
> 
> Almost all the log files (including old rotated logs) in /var/log are empty or nearly empty.
> 
> syslogd is running; 'logger teststring' produces an entry in /var/log/messages
> 
> Upon system restart, there are a few lines in /var/log/messages, but nothing like what I'd expect. Remote logins are not being logged.
> 
> My gut reaction to something like this is always "oh s***, it's been compromised", but I was wondering if anyone had any other possible explanations...
> 
> I can provide more info if needed.
> 
> Thanks