[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: logging with firehol

On 29/05/2004 Gian Piero Carrubba wrote:
> As said, I don't use firehol, so I can't help about how you can do that,
> nevertheless I'm sure you can.
> Generally speaking, you need a kernel with support for ulog target and
> netlink device, a running ulogd daemon and an iptables rule that
> redirect packages to ULOG target (instead of LOG).

ok, so loaded the ipt_ULOG module, and installed ulogd, but now i don't
know how to go on.

> With ulogd you can log to a specified file or to a running sql server
> (mysql and postgres supported, not sure about others). Can't remember if
> other possibilities allowed (they are enough for my needs).

mh, i think logging all the reject/drop notes like the one at the
initial threat post to one specified file would be interesting.

Any idea how to simply direct all iptables messages to ulog?

> As a side note, unless corrected in the last release, due to some
> changes the ulogd daemon present in woody can't work with kernels >
> 2.4.17 (or .16 ?), so if you use woody and a kernel > 2.4.(17|16) you
> need a backported ulogd.

ah, thanks for the info.
anyway, i'm using debian/sarge and kernel 2.4.26.


Reply to: