
Re: Iptables logging



I've just about completed a port of fwanalog to be useful for us ipchains
folks, be on the lookout for it.

I am interested to know if ulogd/ulogd-mysql has any reporting
characteristics like fwanalog? It would be really nice to log my firewall
logs into a mysql database instead of flatfiles and then query the database
to pull out an analog report from it...

Micah


Daniel Stone wrote on Saturday, 14 April 2001:

> On Fri, Apr 13, 2001 at 11:52:46PM +0200, Kenneth Vestergaard Schmidt wrote:
> > Hi.
> > 
> > All you iptables-using people out there, maybe you should look at fwanalog, 
> > which just went into unstable. It parses the logged output (remember, -j LOG) 
> > from iptables into a format understood by analog, and then uses said program 
> > to create an (IMHO) nice log. If anybody would like to test it, please do, 
> > and send bug-reports, feature-improvements, etc, to either me or the 
> > mailing-list fwanalog@tud.at
> 
> I'm also preparing ulogd and ulogd-mysql, which is IMHO a much nicer
> solution.
> 
> You need the ulog patch from patch-o-matic in your kernel for it to work,
> but it logs to a file, in its own format, a syslog-like file, and, if you
> have ulogd-mysql, a mySQL database. 
> 
> It's extremely modular and extensible, so you can write your own output and
> interpreter plugins; ulogd-remote, which will log to a remote host, either
> to a separate client or maybe another machine's ulogd, is currently on my
> vapourware-but-sounds-cool list ;)
> 
> But, um, looks good anyway, the output of -j LOG is suckage.
> 
> :) d
> 
> -- 
> Daniel Stone
> Linux Kernel Developer
> daniel@kabuki.openfridge.net
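The database-backed reporting asked about in this thread, as an added example that is not part of the original messages and is not code from fwanalog or ulogd: it parses syslog lines written by `-j LOG`, stores them, and queries for the top sources and destination ports. SQLite stands in for the MySQL database; the `fwlog` table, its columns, the function names and the sample lines are all assumptions made for the illustration.

```python
import re
import sqlite3

# Constructed sample syslog lines: four iptables "-j LOG" entries, one unrelated.
SAMPLE = """\
Apr 14 10:01:02 gw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4321 DF PROTO=TCP SPT=40112 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Apr 14 10:01:05 gw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4322 DF PROTO=TCP SPT=40113 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Apr 14 10:02:11 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.5 LEN=78 TOS=0x00 PREC=0x00 TTL=110 ID=99 PROTO=UDP SPT=137 DPT=137 LEN=58
Apr 14 10:03:40 gw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=84 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=77 SEQ=1
Apr 14 10:05:00 gw sshd[311]: Connection closed by 192.0.2.10
""".splitlines()

# timestamp, host, then the --log-prefix text, then the KEY=VALUE fields from IN= on
LINE_RE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) (\S+) kernel: (.*?)\s*(IN=.*)$")
FIELD_RE = re.compile(r"([A-Z]+)=(\S*)")

def parse_line(line):
    """Return one row tuple for an iptables LOG line, or None for anything else."""
    m = LINE_RE.match(line)
    if not m:
        return None
    stamp, host, prefix, rest = m.groups()
    f = dict(FIELD_RE.findall(rest))
    if "SRC" not in f or "DST" not in f:
        return None
    dpt = f.get("DPT", "")          # absent for ICMP, which logs TYPE=/CODE= instead
    return (stamp, host, prefix, f.get("IN", ""), f["SRC"], f["DST"],
            f.get("PROTO", ""), int(dpt) if dpt.isdigit() else None)

def load(lines):
    """Create the hypothetical fwlog table in memory; return (db, rows stored)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE fwlog (stamp TEXT, host TEXT, prefix TEXT, in_if TEXT,"
               " src TEXT, dst TEXT, proto TEXT, dpt INTEGER)")
    rows = [r for r in map(parse_line, lines) if r]
    # Bound parameters: log-derived text is never spliced into the SQL string.
    db.executemany("INSERT INTO fwlog VALUES (?,?,?,?,?,?,?,?)", rows)
    return db, len(rows)

def top_sources(db, limit=5):
    return db.execute("SELECT src, COUNT(*) AS hits FROM fwlog GROUP BY src"
                      " ORDER BY hits DESC, src LIMIT ?", (limit,)).fetchall()

def top_ports(db, limit=5):
    return db.execute("SELECT proto, dpt, COUNT(*) AS hits FROM fwlog"
                      " WHERE dpt IS NOT NULL GROUP BY proto, dpt"
                      " ORDER BY hits DESC, dpt LIMIT ?", (limit,)).fetchall()

if __name__ == "__main__":
    db, stored = load(SAMPLE)
    print(stored, top_sources(db), top_ports(db))
```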


